From db7796bbe8cd3c1650aa1c08d7c8dcdcb0bf226b Mon Sep 17 00:00:00 2001 From: Amoghavarsh <93114621+5Amogh@users.noreply.github.com> Date: Mon, 21 Jul 2025 11:57:05 +0530 Subject: [PATCH 01/39] Update version in pom.xml to 3.4.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 483cc486..cd3a8f6d 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.iemr.tm tm-api - 3.1.0 + 3.4.0 war TM-API From 165232924f87bb0856a3429be15177b648cee5a1 Mon Sep 17 00:00:00 2001 From: 5Amogh Date: Thu, 31 Jul 2025 16:20:20 +0530 Subject: [PATCH 02/39] story: amm-1668 task - 1754 --- .../iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java index 73f1c0d5..0db522e5 100644 --- a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java +++ b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java @@ -118,7 +118,7 @@ public int updateBenFlowStatusAfterNurseActivityANC(@Param("benFlowID") Long ben @Query("SELECT t.benFlowID, t.beneficiaryRegID, t.visitDate, t.benName, t.age, t.ben_age_val, t.genderID, t.genderName, " + " t.villageName, t.districtName, t.beneficiaryID, t.servicePointName, t.VisitReason, t.VisitCategory, t.benVisitID, " - + " t.registrationDate, t.benVisitDate, t.visitCode, t.consultationDate FROM BeneficiaryFlowStatus t " + + " t.registrationDate, t.benVisitDate, t.visitCode, t.consultationDate, t.fatherName, t.preferredPhoneNum FROM BeneficiaryFlowStatus t " + " Where t.beneficiaryRegID = :benRegID AND t.benFlowID = :benFlowID ") public ArrayList getBenDetailsForLeftSidePanel(@Param("benRegID") Long benRegID, @Param("benFlowID") Long benFlowID); From cf8ad95485e393879c486d18b09e46989c0f745d Mon Sep 17 00:00:00 2001 
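Review bot: The two columns appended to the `getBenDetailsForLeftSidePanel` SELECT, `t.fatherName` and `t.preferredPhoneNum`, are personal data, and nothing in this hunk shows that every caller of the left-side-panel query is entitled to receive them or that the row is kept out of logs. The method returns a raw `ArrayList` of positional rows, so the column order is an unchecked contract with the code that casts each index, and that consumer is not touched in this commit (one file changed). I would add a comment above the `@Query`, for example `// Column order is read by index in BeneficiaryFlowStatus.getBeneficiaryFlowStatusForLeftPanel; append only.` The same index coupling applies to the `getNCDCareDiagnosisDetails` query changed in PATCH 05/39.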
From: Amoghavarsh <93114621+5Amogh@users.noreply.github.com> Date: Fri, 1 Aug 2025 11:55:12 +0530 Subject: [PATCH 03/39] story: amm-1668 task - 1754 dto updated (#92) --- .../iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java b/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java index 20588af0..9d70d576 100644 --- a/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java +++ b/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java @@ -329,7 +329,7 @@ public BeneficiaryFlowStatus() { public BeneficiaryFlowStatus(Long benFlowID, Long benRegID, Timestamp visitDate, String benName, String age, Integer ageVal, Short genderID, String genderName, String villageName, String districtName, Long beneficiaryID, String servicePoint, String VisitReason, String VisitCategory, Long benVisitID, - Timestamp regDate, Timestamp benVisitDate, Long visitCode, Timestamp consultationDate) { + Timestamp regDate, Timestamp benVisitDate, Long visitCode, Timestamp consultationDate, String fatherName, String preferredPhoneNum) { this.benFlowID = benFlowID; this.beneficiaryRegID = benRegID; this.serviceDate = benVisitDate; @@ -349,7 +349,8 @@ public BeneficiaryFlowStatus(Long benFlowID, Long benRegID, Timestamp visitDate, this.visitCode = visitCode; this.consultationDate = consultationDate; this.bloodGroup = null; - + this.fatherName = fatherName; + this.preferredPhoneNum = preferredPhoneNum; } public BeneficiaryFlowStatus(Long benFlowID, Long benRegID, Long visitCode, Timestamp visitDate, Short benVisitNo, 
@@ -371,7 +372,8 @@ public static BeneficiaryFlowStatus getBeneficiaryFlowStatusForLeftPanel(ArrayLi (String) objArr[3], (String) objArr[4], (Integer) objArr[5], (Short) objArr[6], (String) objArr[7], (String) objArr[8], (String) objArr[9], (Long) objArr[10], (String) objArr[11], (String) objArr[12], (String) objArr[13], (Long) objArr[14], - (Timestamp) objArr[15], (Timestamp) objArr[16], (Long) objArr[17], (Timestamp) objArr[18]); + (Timestamp) objArr[15], (Timestamp) objArr[16], (Long) objArr[17], (Timestamp) objArr[18] + (String) objArr[19], (String) objArr[20]); } } return obj; From 317ae6fd099d16817922aad44f0a5f0b2978e49b Mon Sep 17 00:00:00 2001 From: Amoghavarsh <93114621+5Amogh@users.noreply.github.com> Date: Fri, 1 Aug 2025 12:03:52 +0530 Subject: [PATCH 04/39] story: amm-1668 task - 1754 dto updated (#93) * story: amm-1668 task - 1754 dto updated * story: amm-1668 task - 1754 --- .../com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java b/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java index 9d70d576..f7f65b0e 100644 --- a/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java +++ b/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java @@ -372,7 +372,7 @@ public static BeneficiaryFlowStatus getBeneficiaryFlowStatusForLeftPanel(ArrayLi (String) objArr[3], (String) objArr[4], (Integer) objArr[5], (Short) objArr[6], (String) objArr[7], (String) objArr[8], (String) objArr[9], (Long) objArr[10], (String) objArr[11], (String) objArr[12], (String) objArr[13], (Long) objArr[14], - (Timestamp) objArr[15], (Timestamp) objArr[16], (Long) objArr[17], (Timestamp) objArr[18] + (Timestamp) objArr[15], (Timestamp) objArr[16], (Long) objArr[17], (Timestamp) objArr[18], (String) objArr[19], (String) objArr[20]); } } 
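Review bot: `objArr[19]` and `objArr[20]` are cast in `getBeneficiaryFlowStatusForLeftPanel` with no check on `objArr.length`, so a row in the older 19-column shape would fail with `ArrayIndexOutOfBoundsException`. A guard such as `if (objArr.length < 21) { /* log and skip */ }` before the constructor call would turn that into a diagnosable condition; the method starts outside the hunk, so which queries feed it cannot be seen here. Separately, PATCH 03/39 omits the comma after `(Timestamp) objArr[18]` and does not compile on its own; PATCH 04/39 adds it, so the two are better squashed to keep the history bisectable.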
From 784f42fd727f1c0d702f60e10a9eeba8ee2df366 Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Mon, 6 Oct 2025 19:06:36 +0530 Subject: [PATCH 05/39] fix: amm-1879 doctor signature was not coming for ncdcare --- .../java/com/iemr/tm/data/ncdcare/NCDCareDiagnosis.java | 7 +++++-- .../iemr/tm/repo/nurse/ncdcare/NCDCareDiagnosisRepo.java | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/iemr/tm/data/ncdcare/NCDCareDiagnosis.java b/src/main/java/com/iemr/tm/data/ncdcare/NCDCareDiagnosis.java index a9eac0d8..19b93a29 100644 --- a/src/main/java/com/iemr/tm/data/ncdcare/NCDCareDiagnosis.java +++ b/src/main/java/com/iemr/tm/data/ncdcare/NCDCareDiagnosis.java @@ -379,7 +379,7 @@ public void setNcdScreeningConditionOther(String ncdScreeningConditionOther) { public NCDCareDiagnosis(Long beneficiaryRegID, Long benVisitID, Integer providerServiceMapID, Long prescriptionID, String ncdCareCondition, String ncdComplication, String ncdCareType, Long visitCode, - String externalInvestigation, String ncdCareConditionOther) { + String externalInvestigation, String ncdCareConditionOther, String createdBy, Timestamp createdDate) { super(); this.beneficiaryRegID = beneficiaryRegID; this.benVisitID = benVisitID; @@ -391,6 +391,8 @@ public NCDCareDiagnosis(Long beneficiaryRegID, Long benVisitID, Integer provider this.visitCode = visitCode; this.externalInvestigation = externalInvestigation; this.ncdScreeningConditionOther = ncdCareConditionOther; + this.createdBy = createdBy; + this.createdDate = createdDate; } public static NCDCareDiagnosis getNCDCareDiagnosisDetails(ArrayList resList) { 
@@ -398,7 +400,8 @@ public static NCDCareDiagnosis getNCDCareDiagnosisDetails(ArrayList re if (null != resList && resList.size() > 0) { Object[] obj = resList.get(0); cOBJ = new NCDCareDiagnosis((Long) obj[0], (Long) obj[1], (Integer) obj[2], (Long) obj[3], (String) obj[4], - (String) obj[5], (String) obj[6], (Long) obj[7], null, (String) obj[8]); + (String) obj[5], (String) obj[6], (Long) obj[7], null, (String) obj[8], (String) obj[9], + (Timestamp) obj[10]); } return cOBJ; diff --git a/src/main/java/com/iemr/tm/repo/nurse/ncdcare/NCDCareDiagnosisRepo.java b/src/main/java/com/iemr/tm/repo/nurse/ncdcare/NCDCareDiagnosisRepo.java index e7337050..47b30973 100644 --- a/src/main/java/com/iemr/tm/repo/nurse/ncdcare/NCDCareDiagnosisRepo.java +++ b/src/main/java/com/iemr/tm/repo/nurse/ncdcare/NCDCareDiagnosisRepo.java @@ -39,7 +39,7 @@ public interface NCDCareDiagnosisRepo extends CrudRepository { @Query(" SELECT beneficiaryRegID, benVisitID, providerServiceMapID, prescriptionID, " - + " ncdScreeningCondition, ncdComplication, ncdCareType, visitCode, ncdScreeningConditionOther " + + " ncdScreeningCondition, ncdComplication, ncdCareType, visitCode, ncdScreeningConditionOther, createdBy, createdDate " + " from NCDCareDiagnosis ba " + " WHERE ba.beneficiaryRegID = :benRegID" + " AND ba.visitCode = :visitCode AND ba.deleted = false " + " ORDER BY createdDate desc") public ArrayList getNCDCareDiagnosisDetails(@Param("benRegID") Long benRegID, From 3cecdb805f866ff1c30367f289c6070daa6f3bfe Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Tue, 14 Oct 2025 13:49:58 +0530 Subject: [PATCH 06/39] fix: aam-1896 prescribed quantity was not coming in the casesheet --- .../transaction/CommonNurseServiceImpl.java | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index 3d0248fc..8ebb3bb5 100644 
--- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java @@ -2906,7 +2906,8 @@ else if (durationUnit.equalsIgnoreCase("Month(s)")) private double getQtyForOneDay(String form, String dose, String frequency) { double qtyInOneDay = 0; if (form != null && dose != null && frequency != null) { - if (frequency.equalsIgnoreCase("Once Daily(OD)")) { + if (frequency.equalsIgnoreCase("Once Daily(OD)") || frequency.equalsIgnoreCase("Once Daily(OD) Before Food")|| + frequency.equalsIgnoreCase("Once Daily(OD) After Food")|| frequency.equalsIgnoreCase("Once Daily(OD) At Bedtime")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = .5; @@ -2930,7 +2931,8 @@ private double getQtyForOneDay(String form, String dose, String frequency) { } } } else { - if (frequency.equalsIgnoreCase("Twice Daily(BD)")) { + if (frequency.equalsIgnoreCase("Twice Daily(BD)") || frequency.equalsIgnoreCase("Twice Daily(BD) Before Food")|| + frequency.equalsIgnoreCase("Twice Daily(BD) After Food")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = 1; @@ -2954,7 +2956,8 @@ private double getQtyForOneDay(String form, String dose, String frequency) { } } } else { - if (frequency.equalsIgnoreCase("Thrice Daily (TID)")) { + if (frequency.equalsIgnoreCase("Thrice Daily (TID)") || frequency.equalsIgnoreCase("Thrice Daily (TID) After Food")|| + frequency.equalsIgnoreCase("Thrice Daily (TID) Before Food")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = 1.5; 
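Review bot: Each branch of `getQtyForOneDay` now lists the exact frequency labels it accepts, and a label that is not listed still leaves `qtyInOneDay` at 0 with no log, which appears to be the failure described in the subject line. The lists are already uneven: `At Bedtime` is accepted only for `Once Daily(OD)`, and the four-times-a-day variants are spelled `Four Times in a Day AF`/`BF` without the `(QID)` part of the base label. Matching on the base label, for example `frequency.toLowerCase(Locale.ROOT).startsWith("once daily(od)")`, and logging a warning when no branch matches would make a new master-data label visible instead of silently yielding a zero quantity on a prescription. The same applies to the hunks at -2930, -2954, -2978, -3002 and -3026; the method body continues outside each hunk.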
@@ -2978,7 +2981,8 @@ private double getQtyForOneDay(String form, String dose, String frequency) { } } } else { - if (frequency.equalsIgnoreCase("Four Times in a Day (QID)")) { + if (frequency.equalsIgnoreCase("Four Times in a Day (QID)") || frequency.equalsIgnoreCase("Four Times in a Day AF")|| + frequency.equalsIgnoreCase("Four Times in a Day BF")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = 2; @@ -3002,7 +3006,8 @@ private double getQtyForOneDay(String form, String dose, String frequency) { } } } else { - if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")) { + if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| + frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = .5; @@ -3026,7 +3031,8 @@ private double getQtyForOneDay(String form, String dose, String frequency) { } } } else { - if (frequency.equalsIgnoreCase("Once in a Week")) { + if (frequency.equalsIgnoreCase("Once in a Week") || frequency.equalsIgnoreCase("Once in a Week After Food") + || frequency.equalsIgnoreCase("Once in a Week Before Food")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = .07142; From cfcaba144d785a4c48ac4c4b403be1a23d0f5acc Mon Sep 17 00:00:00 2001 From: SnehaRH <77656297+snehar-nd@users.noreply.github.com> Date: Wed, 15 Oct 2025 14:37:18 +0530 Subject: [PATCH 07/39] Update pom.xml 3.4.0 to 3.4.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index cd3a8f6d..704ab711 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.iemr.tm tm-api - 3.4.0 + 3.4.1 war TM-API From f3df47064908c28a1016cf821c000a3eef1c7817 Mon Sep 17 00:00:00 2001 
From: SnehaRH Date: Fri, 31 Oct 2025 15:15:47 +0530 Subject: [PATCH 08/39] fix: amm-1919 fix for update doctor data for higher refferal data --- .../common/transaction/CommonDoctorServiceImpl.java | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java index 91b18adb..51de27bb 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java @@ -676,11 +676,12 @@ public Long updateBenReferDetails(JsonObject referObj) throws IEMRException { referDetailsList.add(referDetailsTemp); } } - } /* - * else { if (referDetails.getReferredToInstituteName() != null || - * referDetails.getRevisitDate() != null || referDetails.getReferralReason() != - * null) referDetailsList.add(referDetails); } - */ + } else { + if (referDetails.getReferredToInstituteName() != null || + referDetails.getRevisitDate() != null || referDetails.getReferralReason() != null) { + referDetailsList.add(referDetails); + } + } ArrayList res = (ArrayList) benReferDetailsRepo.saveAll(referDetailsList); if (referDetailsList.size() == res.size()) { From e5aa84531f7011050d1bccd8b86c6617ec4b9c07 Mon Sep 17 00:00:00 2001 
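Review bot: The re-enabled `else` branch in `updateBenReferDetails` adds the incoming `referDetails` object itself to `referDetailsList`, and the hunk does not show whether that object carries the identifiers and audit fields that `referDetailsTemp` is given in the loop above. If it has no primary key set, `saveAll` will presumably insert a new referral row on every update instead of replacing the earlier one; this needs confirming against the entity. The block was previously commented out with no reason recorded, so a short comment such as `// No referred services selected: persist institute / revisit date / reason only` would help, and the nested `else { if (...) }` can be written as `else if (...)`. The method begins outside the hunk.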
From: SnehaRH Date: Mon, 3 Nov 2025 16:20:46 +0530 Subject: [PATCH 09/39] fix: signature enhancement for casesheet --- .../benFlowStatus/BeneficiaryFlowStatus.java | 20 ++++++++++++++----- .../BeneficiaryFlowStatusRepo.java | 9 +++++---- .../iemr/tm/service/anc/ANCServiceImpl.java | 14 +++++++++++-- .../CommonBenStatusFlowServiceImpl.java | 7 ++++--- .../transaction/CommonDoctorServiceImpl.java | 6 +++--- .../service/covid19/Covid19ServiceImpl.java | 15 ++++++++++++-- .../generalOPD/GeneralOPDServiceImpl.java | 14 +++++++++++-- .../service/ncdCare/NCDCareServiceImpl.java | 14 +++++++++++-- .../NCDSCreeningDoctorServiceImpl.java | 7 ++++++- .../iemr/tm/service/pnc/PNCServiceImpl.java | 14 +++++++++++-- .../QuickConsultationServiceImpl.java | 13 ++++++++++-- 11 files changed, 105 insertions(+), 28 deletions(-) diff --git a/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java b/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java index f7f65b0e..884e1b48 100644 --- a/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java +++ b/src/main/java/com/iemr/tm/data/benFlowStatus/BeneficiaryFlowStatus.java @@ -295,7 +295,11 @@ public class BeneficiaryFlowStatus { @Expose @Column(name = "referred_visit_id") private Long referred_visit_id; - + + @Expose + @Column(name = "doctor_signature_flag") + private Boolean doctorSignatureFlag = false; + @Transient private I_bendemographics i_bendemographics; @Transient @@ -374,6 +378,9 @@ public static BeneficiaryFlowStatus getBeneficiaryFlowStatusForLeftPanel(ArrayLi (String) objArr[11], (String) objArr[12], (String) objArr[13], (Long) objArr[14], (Timestamp) objArr[15], (Timestamp) objArr[16], (Long) objArr[17], (Timestamp) objArr[18], (String) objArr[19], (String) objArr[20]); + if (objArr.length > 21) { + obj.setDoctorSignatureFlag((Boolean) objArr[21]); + } } } return obj; 
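Review bot: `obj.setDoctorSignatureFlag((Boolean) objArr[21])` in `getBeneficiaryFlowStatusForLeftPanel` replaces the field's `false` initialiser with whatever the row holds, so a NULL in `doctor_signature_flag` (for example on rows written before the column existed) leaves the flag `null`. Code that unboxes the getter would then throw, and the `@Expose`d field would serialise as null or be omitted rather than `false`. I would write `obj.setDoctorSignatureFlag(Boolean.TRUE.equals(objArr[21]));`. No schema migration for the new column is visible in this patch, so it is worth confirming that one ships with it.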
@@ -991,9 +998,12 @@ public Long getReferred_visit_id() { public void setReferred_visit_id(Long referred_visit_id) { this.referred_visit_id = referred_visit_id; } - - - - + public Boolean getDoctorSignatureFlag() { + return doctorSignatureFlag; + } + + public void setDoctorSignatureFlag(Boolean doctorSignatureFlag) { + this.doctorSignatureFlag = doctorSignatureFlag; + } } diff --git a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java index 0db522e5..0ef8f30f 100644 --- a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java +++ b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java @@ -118,7 +118,7 @@ public int updateBenFlowStatusAfterNurseActivityANC(@Param("benFlowID") Long ben @Query("SELECT t.benFlowID, t.beneficiaryRegID, t.visitDate, t.benName, t.age, t.ben_age_val, t.genderID, t.genderName, " + " t.villageName, t.districtName, t.beneficiaryID, t.servicePointName, t.VisitReason, t.VisitCategory, t.benVisitID, " - + " t.registrationDate, t.benVisitDate, t.visitCode, t.consultationDate, t.fatherName, t.preferredPhoneNum FROM BeneficiaryFlowStatus t " + + " t.registrationDate, t.benVisitDate, t.visitCode, t.consultationDate, t.fatherName, t.preferredPhoneNum, t.doctorSignatureFlag FROM BeneficiaryFlowStatus t " + " Where t.beneficiaryRegID = :benRegID AND t.benFlowID = :benFlowID ") public ArrayList getBenDetailsForLeftSidePanel(@Param("benRegID") Long benRegID, @Param("benFlowID") Long benFlowID); 
@@ -204,17 +204,18 @@ public ArrayList getLabWorklistNew( *updating lab technician flag as well after feto sense. */ @Transactional - @Modifying + @Modifying @Query("UPDATE BeneficiaryFlowStatus t set t.doctorFlag = :docFlag , t.pharmacist_flag = :pharmaFlag, " + " t.oncologist_flag = :oncologistFlag, t.consultationDate = now(), t.processed = 'U', " + " t.specialist_flag = :tcSpecialistFlag, t.tCSpecialistUserID = :tcSpecialistUserID, " - + "t.tCRequestDate = :tcDate, t.lab_technician_flag = :labTechnicianFlag " + + "t.tCRequestDate = :tcDate, t.lab_technician_flag = :labTechnicianFlag, t.doctorSignatureFlag = :signatureFlag, " + " WHERE t.benFlowID = :benFlowID AND " + " t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") public int updateBenFlowStatusAfterDoctorActivity(@Param("benFlowID") Long benFlowID, @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("docFlag") Short docFlag, @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, @Param("tcSpecialistFlag") Short tcSpecialistFlag, @Param("tcSpecialistUserID") int tcSpecialistUserID, - @Param("tcDate") Timestamp tcDate,@Param("labTechnicianFlag") Short labTechnicianFlag); + @Param("tcDate") Timestamp tcDate,@Param("labTechnicianFlag") Short labTechnicianFlag, + @Param("signatureFlag") Boolean signatureFlag); /*** * @author DU20091017 diff --git a/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java b/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java index fc1da82c..8f8db36f 100644 --- a/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java 
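Review bot: The added SET item in `updateBenFlowStatusAfterDoctorActivity` ends with a comma directly before the WHERE clause (`t.doctorSignatureFlag = :signatureFlag, " + " WHERE t.benFlowID = :benFlowID`), which is not valid JPQL. Spring Data normally validates `@Query` strings when the repository bean is created, so this will most likely stop the application from starting rather than fail only when a doctor saves. The line should read `+ "t.tCRequestDate = :tcDate, t.lab_technician_flag = :labTechnicianFlag, t.doctorSignatureFlag = :signatureFlag "`.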
@@ -350,6 +350,11 @@ public Long saveANCDoctorData(JsonObject requestOBJ, String Authorization) throw Long referSaveSuccessFlag = null; Integer tcRequestStatusFlag = null; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; // TcSpecialistSlotBookingRequestOBJ tcSpecialistSlotBookingRequestOBJ = null; @@ -466,7 +471,7 @@ public Long saveANCDoctorData(JsonObject requestOBJ, String Authorization) throw } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataSave(commonUtilityClass, isTestPrescribed, - isMedicinePrescribed, tcRequestOBJ); + isMedicinePrescribed, tcRequestOBJ,doctorSignatureFlag); if (i > 0) saveSuccessFlag = diagnosisSuccessFlag; @@ -1488,6 +1493,11 @@ public Long updateANCDoctorData(JsonObject requestOBJ, String Authorization) thr Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -1596,7 +1606,7 @@ public Long updateANCDoctorData(JsonObject requestOBJ, String Authorization) thr } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataUpdate(commonUtilityClass, - isTestPrescribed, isMedicinePrescribed, tcRequestOBJ); + isTestPrescribed, isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) updateSuccessFlag = investigationSuccessFlag; else 
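Review bot: In `saveANCDoctorData` the new block calls `requestOBJ.has("doctorSignatureFlag")` above the existing `if (requestOBJ != null)` guard, so a null request now throws `NullPointerException` before the guard is reached. The value is also accepted exactly as the client sent it: `getAsBoolean()` can throw on a JSON object or array and quietly returns false for a non-boolean string, and nothing visible ties the flag to the authenticated doctor actually having a signature on file. The same lines are pasted into the save and update methods of Covid19ServiceImpl, GeneralOPDServiceImpl, NCDCareServiceImpl, NCDSCreeningDoctorServiceImpl, PNCServiceImpl and QuickConsultationServiceImpl; one shared helper, sketched below, keeps the parsing strict and in one place. The method bodies continue outside these hunks.

```java
// Strict read of the client-supplied flag: absent, null or non-boolean values count as false.
private static boolean readDoctorSignatureFlag(JsonObject body) {
	if (body == null || !body.has("doctorSignatureFlag")) {
		return false;
	}
	JsonElement value = body.get("doctorSignatureFlag");
	return value.isJsonPrimitive() && value.getAsJsonPrimitive().isBoolean() && value.getAsBoolean();
}

// … unchanged: rest of saveANCDoctorData; call site becomes …
Boolean doctorSignatureFlag = readDoctorSignatureFlag(requestOBJ);
```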
diff --git a/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java b/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java index df561ae9..fe4f8f0b 100644 --- a/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java @@ -27,6 +27,7 @@ import java.util.ArrayList; import java.util.Calendar; +import org.checkerframework.checker.units.qual.s; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -242,11 +243,11 @@ private BeneficiaryFlowStatus getBenFlowRecordObj(String requestOBJ, Long benefi } public int updateBenFlowAfterDocData(Long benFlowID, Long benRegID, Long benID, Long benVisitID, short docFlag, - short pharmaFlag, short oncologistFlag, short tcSpecialistFlag, int tcUserID, Timestamp tcDate,short labTechnicianFlag) { + short pharmaFlag, short oncologistFlag, short tcSpecialistFlag, int tcUserID, Timestamp tcDate,short labTechnicianFlag, Boolean signatureFlag) { int i = 0; try { i = beneficiaryFlowStatusRepo.updateBenFlowStatusAfterDoctorActivity(benFlowID, benRegID, benID, docFlag, - pharmaFlag, oncologistFlag, tcSpecialistFlag, tcUserID, tcDate,labTechnicianFlag); + pharmaFlag, oncologistFlag, tcSpecialistFlag, tcUserID, tcDate,labTechnicianFlag, signatureFlag); } catch (Exception e) { logger.error("Error in ben flow creation = " + e); } 
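Review bot: The added `import org.checkerframework.checker.units.qual.s;` at the top of CommonBenStatusFlowServiceImpl is not used by anything in this patch and looks like an IDE auto-completion accident. It makes the class depend on the Checker Framework annotations being on the compile classpath, which is presumably only a transitive dependency here, so an unrelated dependency update could break the build. The line should be removed.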
@@ -291,7 +292,7 @@ public int updateBenFlowAfterDocDataUpdate(Long benFlowID, Long benRegID, Long b pharmaF1 = pharmaFlag; i = beneficiaryFlowStatusRepo.updateBenFlowStatusAfterDoctorActivity(benFlowID, benRegID, benID, docFlag, - pharmaF1, oncologistFlag, tcSpecialistFlag, tcUserID, tcDate,labTechnicianFlag); + pharmaF1, oncologistFlag, tcSpecialistFlag, tcUserID, tcDate,labTechnicianFlag, false); } catch (Exception e) { logger.error("Error in ben flow creation = " + e); throw new Exception(e); diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java index 51de27bb..dd75088f 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java @@ -702,7 +702,7 @@ public Long updateBenReferDetails(JsonObject referObj) throws IEMRException { /// ------Start of beneficiary flow table after doctor data save------------- public int updateBenFlowtableAfterDocDataSave(CommonUtilityClass commonUtilityClass, Boolean isTestPrescribed, - Boolean isMedicinePrescribed, TeleconsultationRequestOBJ tcRequestOBJ) throws IEMRException { + Boolean isMedicinePrescribed, TeleconsultationRequestOBJ tcRequestOBJ, Boolean signatureFlag) throws IEMRException { short pharmaFalg; short docFlag = (short) 1; short tcSpecialistFlag = (short) 0; @@ -808,7 +808,7 @@ public int updateBenFlowtableAfterDocDataSave(CommonUtilityClass commonUtilityCl } else i = commonBenStatusFlowServiceImpl.updateBenFlowAfterDocData(tmpBenFlowID, tmpbeneficiaryRegID, tmpBeneficiaryID, tmpBenVisitID, docFlag, pharmaFalg, (short) 0, tcSpecialistFlag, tcUserID, tcDate, - labTechnicianFlag); + labTechnicianFlag, signatureFlag); // TM Prescription SMS if (commonUtilityClass.getIsSpecialist() == true) { if (tcSpecialistFlag == 9) { 
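Review bot: `updateBenFlowAfterDocDataUpdate` passes a literal `false` as the new last argument of `updateBenFlowStatusAfterDoctorActivity`, so every doctor-data update writes `doctorSignatureFlag = false` and clears a flag that was set at save time. The `doctorSignatureFlag` parameter added to `updateBenFlowtableAfterDocDataUpdate` in the -846 hunk of CommonDoctorServiceImpl is not forwarded anywhere according to this patch's hunks and diffstat, so the value the update methods parse from the request is dropped. Either thread the parameter through `updateBenFlowAfterDocDataUpdate` and pass it in place of `false`, or leave the column out of the UPDATE on this path. In the -808 hunk only the `else` call receives `signatureFlag`; the other branch lies outside the hunk and should be checked as well.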
@@ -846,7 +846,7 @@ public int updateBenFlowtableAfterDocDataSave(CommonUtilityClass commonUtilityCl * @return */ public int updateBenFlowtableAfterDocDataUpdate(CommonUtilityClass commonUtilityClass, Boolean isTestPrescribed, - Boolean isMedicinePrescribed, TeleconsultationRequestOBJ tcRequestOBJ) throws Exception { + Boolean isMedicinePrescribed, TeleconsultationRequestOBJ tcRequestOBJ, Boolean doctorSignatureFlag) throws Exception { int i = 0; short pharmaFalg; short docFlag = (short) 0; diff --git a/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java b/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java index 0d0e424a..db0adb7f 100644 --- a/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java @@ -981,6 +981,11 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -1085,7 +1090,7 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataSave(commonUtilityClass, isTestPrescribed, - isMedicinePrescribed, tcRequestOBJ); + isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) saveSuccessFlag = referSaveSuccessFlag; 
@@ -1187,6 +1192,12 @@ public Long updateCovid19DoctorData(JsonObject requestOBJ, String Authorization) Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -1304,7 +1315,7 @@ public Long updateCovid19DoctorData(JsonObject requestOBJ, String Authorization) } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataUpdate(commonUtilityClass, - isTestPrescribed, isMedicinePrescribed, tcRequestOBJ); + isTestPrescribed, isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) updateSuccessFlag = investigationSuccessFlag; diff --git a/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java b/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java index a74a874f..aa09b486 100644 --- a/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java @@ -754,6 +754,11 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { 
@@ -857,7 +862,7 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataSave(commonUtilityClass, isTestPrescribed, - isMedicinePrescribed, tcRequestOBJ); + isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) saveSuccessFlag = investigationSuccessFlag; @@ -1360,6 +1365,11 @@ public Long updateGeneralOPDDoctorData(JsonObject requestOBJ, String Authorizati Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -1474,7 +1484,7 @@ public Long updateGeneralOPDDoctorData(JsonObject requestOBJ, String Authorizati } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataUpdate(commonUtilityClass, - isTestPrescribed, isMedicinePrescribed, tcRequestOBJ); + isTestPrescribed, isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) updateSuccessFlag = investigationSuccessFlag; diff --git a/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java index e5754bf6..2076464d 100644 --- a/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java 
@@ -771,6 +771,11 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -907,7 +912,7 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataSave(commonUtilityClass, isTestPrescribed, - isMedicinePrescribed, tcRequestOBJ); + isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) saveSuccessFlag = diagnosisSuccessFlag; @@ -1203,6 +1208,11 @@ public Long updateNCDCareDoctorData(JsonObject requestOBJ, String Authorization) Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -1312,7 +1322,7 @@ public Long updateNCDCareDoctorData(JsonObject requestOBJ, String Authorization) } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataUpdate(commonUtilityClass, - isTestPrescribed, isMedicinePrescribed, tcRequestOBJ); + isTestPrescribed, isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) updateSuccessFlag = investigationSuccessFlag; 
diff --git a/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java index 2b6c8825..b21423b7 100644 --- a/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java @@ -94,6 +94,11 @@ public int updateDoctorData(JsonObject requestOBJ, String Authorization) throws Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -188,7 +193,7 @@ public int updateDoctorData(JsonObject requestOBJ, String Authorization) throws // call method to update beneficiary flow table int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataUpdate(commonUtilityClass, - isTestPrescribed, isMedicinePrescribed, tcRequestOBJ); + isTestPrescribed, isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) updateSuccessFlag = 1; diff --git a/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java b/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java index 6fe25634..7ad63321 100644 --- a/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java 
@@ -315,6 +315,11 @@ public Long savePNCDoctorData(JsonObject requestOBJ, String Authorization) throw Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -416,7 +421,7 @@ public Long savePNCDoctorData(JsonObject requestOBJ, String Authorization) throw } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataSave(commonUtilityClass, isTestPrescribed, - isMedicinePrescribed, tcRequestOBJ); + isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) saveSuccessFlag = diagnosisSuccessFlag; @@ -1381,6 +1386,11 @@ public Long updatePNCDoctorData(JsonObject requestOBJ, String Authorization) thr Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -1489,7 +1499,7 @@ public Long updatePNCDoctorData(JsonObject requestOBJ, String Authorization) thr } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataUpdate(commonUtilityClass, - isTestPrescribed, isMedicinePrescribed, tcRequestOBJ); + isTestPrescribed, isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) updateSuccessFlag = investigationSuccessFlag; 
diff --git a/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java b/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java index 8176b158..9ca3e73a 100644 --- a/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java @@ -339,6 +339,11 @@ public Integer quickConsultDoctorDataInsert(JsonObject quickConsultDoctorOBJ, St if (drugList != null && !drugList.isJsonNull() && drugList.size() > 0) isMedicinePrescribed = true; + Boolean doctorSignatureFlag = false; + if (quickConsultDoctorOBJ.has("doctorSignatureFlag") && !quickConsultDoctorOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = quickConsultDoctorOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // save prescribed medicine if (isMedicinePrescribed) { @@ -414,7 +419,7 @@ public Integer quickConsultDoctorDataInsert(JsonObject quickConsultDoctorOBJ, St } // call method to update beneficiary flow table int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataSave(commonUtilityClass, isTestPrescribed, - isMedicinePrescribed, tcRequestOBJ); + isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) returnOBJ = 1; @@ -521,6 +526,10 @@ public Long updateGeneralOPDQCDoctorData(JsonObject quickConsultDoctorOBJ, Strin Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (quickConsultDoctorOBJ.has("doctorSignatureFlag") && !quickConsultDoctorOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = quickConsultDoctorOBJ.get("doctorSignatureFlag").getAsBoolean(); + } // checking if test is prescribed if (quickConsultDoctorOBJ.has("labTestOrders")) { testList = quickConsultDoctorOBJ.getAsJsonArray("labTestOrders"); 
@@ -609,7 +618,7 @@ public Long updateGeneralOPDQCDoctorData(JsonObject quickConsultDoctorOBJ, Strin } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataUpdate(commonUtilityClass, isTestPrescribed, - isMedicinePrescribed, tcRequestOBJ); + isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) updateSuccessFlag = benChiefComplaintID; From e8f5ba2f9b666baed767968ca94db4c7dc9377ac Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Tue, 4 Nov 2025 12:32:01 +0530 Subject: [PATCH 10/39] fix: signature enhancement for casesheet --- .../BeneficiaryFlowStatusRepo.java | 18 +++++++++--------- .../CommonBenStatusFlowServiceImpl.java | 16 ++++++++-------- .../service/cancerScreening/CSServiceImpl.java | 8 +++++++- .../transaction/CommonDoctorServiceImpl.java | 6 +++--- 4 files changed, 27 insertions(+), 21 deletions(-) diff --git a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java index 0ef8f30f..5bcc1d69 100644 --- a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java +++ b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java 
@@ -208,7 +208,7 @@ public ArrayList getLabWorklistNew( @Query("UPDATE BeneficiaryFlowStatus t set t.doctorFlag = :docFlag , t.pharmacist_flag = :pharmaFlag, " + " t.oncologist_flag = :oncologistFlag, t.consultationDate = now(), t.processed = 'U', " + " t.specialist_flag = :tcSpecialistFlag, t.tCSpecialistUserID = :tcSpecialistUserID, " - + "t.tCRequestDate = :tcDate, t.lab_technician_flag = :labTechnicianFlag, t.doctorSignatureFlag = :signatureFlag, " + + "t.tCRequestDate = :tcDate, t.lab_technician_flag = :labTechnicianFlag, t.doctorSignatureFlag = :signatureFlag " + " WHERE t.benFlowID = :benFlowID AND " + " t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") public int updateBenFlowStatusAfterDoctorActivity(@Param("benFlowID") Long benFlowID, @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("docFlag") Short docFlag, 
@@ -225,12 +225,12 @@ public int updateBenFlowStatusAfterDoctorActivity(@Param("benFlowID") Long benFl @Modifying @Query("UPDATE BeneficiaryFlowStatus t set t.doctorFlag = :docFlag , t.pharmacist_flag = :pharmaFlag, " + " t.oncologist_flag = :oncologistFlag, t.consultationDate = now(), t.processed = 'U', " - + " t.specialist_flag = :tcSpecialistFlag , t.lab_technician_flag = :labTechnicianFlag " + + " t.specialist_flag = :tcSpecialistFlag , t.lab_technician_flag = :labTechnicianFlag, t.doctorSignatureFlag = :signatureFlag " + " WHERE t.benFlowID = :benFlowID AND t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") public int updateBenFlowStatusAfterDoctorActivitySpecialist(@Param("benFlowID") Long benFlowID, @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("docFlag") Short docFlag, @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, - @Param("tcSpecialistFlag") Short tcSpecialistFlag,@Param("labTechnicianFlag") Short labTechnicianFlag); + @Param("tcSpecialistFlag") Short tcSpecialistFlag,@Param("labTechnicianFlag") Short labTechnicianFlag, @Param("signatureFlag") Boolean signatureFlag); /*** * @author DU20091017 
@@ -240,12 +240,12 @@ public int updateBenFlowStatusAfterDoctorActivitySpecialist(@Param("benFlowID") @Modifying @Query("UPDATE BeneficiaryFlowStatus t set t.doctorFlag = :docFlag , t.pharmacist_flag = :pharmaFlag, " + " t.oncologist_flag = :oncologistFlag, t.consultationDate = now(), t.processed = 'U', " - + " t.specialist_flag = :tcSpecialistFlag , t.lab_technician_flag = :labTechnicianFlag " + + " t.specialist_flag = :tcSpecialistFlag , t.lab_technician_flag = :labTechnicianFlag, t.doctorSignatureFlag = :signatureFlag" + " WHERE t.benFlowID = :benFlowID AND t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") public int updateBenFlowStatusAfterDoctorActivitySpecialistANC(@Param("benFlowID") Long benFlowID, @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("docFlag") Short docFlag, @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, - @Param("tcSpecialistFlag") Short tcSpecialistFlag,@Param("labTechnicianFlag") Short labTechnicianFlag); + @Param("tcSpecialistFlag") Short tcSpecialistFlag,@Param("labTechnicianFlag") Short labTechnicianFlag, @Param("signatureFlag") Boolean signatureFlag); /*** * @author DU20091017 
@@ -255,21 +255,21 @@ public int updateBenFlowStatusAfterDoctorActivitySpecialistANC(@Param("benFlowID @Modifying @Query("UPDATE BeneficiaryFlowStatus t set t.pharmacist_flag = :pharmaFlag, " + " t.oncologist_flag = :oncologistFlag, t.processed = 'U', t.specialist_flag = :tcSpecialistFlag, " - + "t.lab_technician_flag = :labTechnicianFlag" + + "t.lab_technician_flag = :labTechnicianFlag, t.doctorSignatureFlag = :signatureFlag" + " WHERE t.benFlowID = :benFlowID AND t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") public int updateBenFlowStatusAfterDoctorActivityTCSpecialist(@Param("benFlowID") Long benFlowID, @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, @Param("tcSpecialistFlag") Short tcSpecialistFlag, - @Param("labTechnicianFlag") Short labTechnicianFlag); + @Param("labTechnicianFlag") Short labTechnicianFlag, @Param("signatureFlag") Boolean signatureFlag); @Transactional @Modifying @Query("UPDATE BeneficiaryFlowStatus t set t.doctorFlag = :docFlag , t.pharmacist_flag = :pharmaFlag, " - + " t.oncologist_flag = :oncologistFlag , t.processed = 'U' " + " WHERE t.benFlowID = :benFlowID AND " + + " t.oncologist_flag = :oncologistFlag , t.processed = 'U', t.doctorSignatureFlag = :signatureFlag" + " WHERE t.benFlowID = :benFlowID AND " + " t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") public int updateBenFlowStatusAfterDoctorActivityUpdate(@Param("benFlowID") Long benFlowID, @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("docFlag") Short docFlag, - @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag); + @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, @Param("tcSpecialistFlag") Short tcSpecialistFlag); @Query("SELECT t from BeneficiaryFlowStatus t " + " WHERE t.benVisitDate >= Date(:fromDate) AND t.vanID = :vanID AND t.radiologist_flag = 1 " 
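Review bot: In the last query of this hunk, `updateBenFlowStatusAfterDoctorActivityUpdate` now sets `t.doctorSignatureFlag = :signatureFlag`, but the parameter added to the method is `@Param("tcSpecialistFlag") Short tcSpecialistFlag`, so `:signatureFlag` has no binding and `tcSpecialistFlag` is not used by the query. The added parameter should be `@Param("signatureFlag") Boolean signatureFlag`, as in the three methods above it. Patches 12 and 13 further down this series bring the signature to that form. Folding them into this commit would avoid an intermediate revision whose repository query cannot bind its parameters.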
diff --git a/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java b/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java index fe4f8f0b..d905a7a7 100644 --- a/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java @@ -255,11 +255,11 @@ public int updateBenFlowAfterDocData(Long benFlowID, Long benRegID, Long benID, } public int updateBenFlowAfterDocDataFromSpecialist(Long benFlowID, Long benRegID, Long benID, Long benVisitID, - short docFlag, short pharmaFlag, short oncologistFlag, short tcSpecialistFlag,short labTechnicianFlag) { + short docFlag, short pharmaFlag, short oncologistFlag, short tcSpecialistFlag,short labTechnicianFlag, Boolean signatureFlag) { int i = 0; try { i = beneficiaryFlowStatusRepo.updateBenFlowStatusAfterDoctorActivitySpecialist(benFlowID, benRegID, benID, - docFlag, pharmaFlag, oncologistFlag, tcSpecialistFlag,labTechnicianFlag); + docFlag, pharmaFlag, oncologistFlag, tcSpecialistFlag, labTechnicianFlag, signatureFlag); } catch (Exception e) { logger.error("Error in ben flow creation = " + e); } 
@@ -267,11 +267,11 @@ public int updateBenFlowAfterDocDataFromSpecialist(Long benFlowID, Long benRegID } public int updateBenFlowAfterDocDataFromSpecialistANC(Long benFlowID, Long benRegID, Long benID, Long benVisitID, - short docFlag, short pharmaFlag, short oncologistFlag, short tcSpecialistFlag,short labTechnicianFlag) { + short docFlag, short pharmaFlag, short oncologistFlag, short tcSpecialistFlag,short labTechnicianFlag, Boolean signatureFlag) { int i = 0; try { i = beneficiaryFlowStatusRepo.updateBenFlowStatusAfterDoctorActivitySpecialistANC(benFlowID, benRegID, benID, - docFlag, pharmaFlag, oncologistFlag, tcSpecialistFlag,labTechnicianFlag); + docFlag, pharmaFlag, oncologistFlag, tcSpecialistFlag, labTechnicianFlag, signatureFlag); } catch (Exception e) { logger.error("Error in ben flow creation = " + e); } @@ -280,7 +280,7 @@ public int updateBenFlowAfterDocDataFromSpecialistANC(Long benFlowID, Long benRe public int updateBenFlowAfterDocDataUpdate(Long benFlowID, Long benRegID, Long benID, Long benVisitID, short docFlag, short pharmaFlag, short oncologistFlag, short tcSpecialistFlag, int tcUserID, - Timestamp tcDate,short labTechnicianFlag) throws Exception { + Timestamp tcDate,short labTechnicianFlag, Boolean signatureFlag) throws Exception { int i = 0; try { Short pharmaF = beneficiaryFlowStatusRepo.getPharmaFlag(benFlowID); @@ -292,7 +292,7 @@ public int updateBenFlowAfterDocDataUpdate(Long benFlowID, Long benRegID, Long b pharmaF1 = pharmaFlag; i = beneficiaryFlowStatusRepo.updateBenFlowStatusAfterDoctorActivity(benFlowID, benRegID, benID, docFlag, - pharmaF1, oncologistFlag, tcSpecialistFlag, tcUserID, tcDate,labTechnicianFlag, false); + pharmaF1, oncologistFlag, tcSpecialistFlag, tcUserID, tcDate, labTechnicianFlag, signatureFlag); } catch (Exception e) { logger.error("Error in ben flow creation = " + e); throw new Exception(e); 
@@ -302,7 +302,7 @@ public int updateBenFlowAfterDocDataUpdate(Long benFlowID, Long benRegID, Long b public int updateBenFlowAfterDocDataUpdateTCSpecialist(Long benFlowID, Long benRegID, Long benID, Long benVisitID, short docFlag, short pharmaFlag, short oncologistFlag, short tcSpecialistFlag, int tcUserID, - Timestamp tcDate, short labTechnicianFlag) throws Exception { + Timestamp tcDate, short labTechnicianFlag, Boolean signatureFlag) throws Exception { int i = 0; try { Short pharmaF = beneficiaryFlowStatusRepo.getPharmaFlag(benFlowID); @@ -314,7 +314,7 @@ public int updateBenFlowAfterDocDataUpdateTCSpecialist(Long benFlowID, Long benR pharmaF1 = pharmaFlag; i = beneficiaryFlowStatusRepo.updateBenFlowStatusAfterDoctorActivityTCSpecialist(benFlowID, benRegID, benID, - pharmaF1, oncologistFlag, tcSpecialistFlag,labTechnicianFlag); + pharmaF1, oncologistFlag, tcSpecialistFlag, labTechnicianFlag, signatureFlag); } catch (Exception e) { logger.error("Error in ben flow creation = " + e); throw new Exception(e); diff --git a/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java b/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java index 260a783b..15c4fc00 100644 --- a/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java @@ -811,6 +811,12 @@ public Long saveCancerScreeningDoctorData(JsonObject requestOBJ, String Authoriz Long docDataSuccessFlag = null; Long tcRequestStatusFlag = null; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + + if (requestOBJ != null && requestOBJ.has("diagnosis") && !requestOBJ.get("diagnosis").isJsonNull()) { TeleconsultationRequestOBJ tcRequestOBJ = null; 
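Review bot: In saveCancerScreeningDoctorData the new block calls `requestOBJ.has("doctorSignatureFlag")` before the existing `requestOBJ != null` guard on the diagnosis check, so a null request now throws a NullPointerException before that guard is reached. The new condition should carry the same guard: `if (requestOBJ != null && requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) {`. The method body continues outside the hunk.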
@@ -916,7 +922,7 @@ public Long saveCancerScreeningDoctorData(JsonObject requestOBJ, String Authoriz } else { l2 = commonBenStatusFlowServiceImpl.updateBenFlowAfterDocData(tmpBenFlowID, tmpbeneficiaryRegID, tmpBeneficiaryID, tmpBenVisitID, docFlag, pharmaFalg, oncologistFlag, tcSpecialistFlag, - tcUserID, tcDate, (short) 0); + tcUserID, tcDate, (short) 0, doctorSignatureFlag); } if (l1 > 0 || l2 > 0) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java index dd75088f..32661569 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java @@ -783,7 +783,7 @@ public int updateBenFlowtableAfterDocDataSave(CommonUtilityClass commonUtilityCl // updating lab technician flag as well after feto sense i = commonBenStatusFlowServiceImpl.updateBenFlowAfterDocDataFromSpecialist(tmpBenFlowID, tmpbeneficiaryRegID, tmpBeneficiaryID, tmpBenVisitID, docFlag, pharmaFalg, (short) 0, - tcSpecialistFlag, labTechnicianFlag); + tcSpecialistFlag, labTechnicianFlag,signatureFlag); if (tcSpecialistFlag == 9) { int l = tCRequestModelRepo.updateStatusIfConsultationCompleted(commonUtilityClass.getBeneficiaryRegID(), commonUtilityClass.getVisitCode(), "D"); @@ -897,7 +897,7 @@ public int updateBenFlowtableAfterDocDataUpdate(CommonUtilityClass commonUtility i = commonBenStatusFlowServiceImpl.updateBenFlowAfterDocDataUpdateTCSpecialist(tmpBenFlowID, tmpbeneficiaryRegID, tmpBeneficiaryID, tmpBenVisitID, docFlag, pharmaFalg, (short) 0, - tcSpecialistFlag, tcUserID, tcDate, labTechnicianFlag); + tcSpecialistFlag, tcUserID, tcDate, labTechnicianFlag, doctorSignatureFlag); if (tcSpecialistFlag == 9) { int l = tCRequestModelRepo.updateStatusIfConsultationCompleted(commonUtilityClass.getBeneficiaryRegID(), 
@@ -945,7 +945,7 @@ public int updateBenFlowtableAfterDocDataUpdate(CommonUtilityClass commonUtility i = commonBenStatusFlowServiceImpl.updateBenFlowAfterDocDataUpdate(tmpBenFlowID, tmpbeneficiaryRegID, tmpBeneficiaryID, tmpBenVisitID, docFlag, pharmaFalg, (short) 0, tcSpecialistFlag, tcUserID, tcDate, - labTechnicianFlag); + labTechnicianFlag, doctorSignatureFlag); } From a1766fd063ff6ffa82eb615ef42dd6038ad7cc28 Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Tue, 4 Nov 2025 12:37:58 +0530 Subject: [PATCH 11/39] fix: signature enhancement for casesheet --- .../java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java b/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java index 15c4fc00..a9bd3575 100644 --- a/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java @@ -913,7 +913,7 @@ public Long saveCancerScreeningDoctorData(JsonObject requestOBJ, String Authoriz && commonUtilityClass.getIsSpecialist() == true) { l1 = commonBenStatusFlowServiceImpl.updateBenFlowAfterDocDataFromSpecialist(tmpBenFlowID, tmpbeneficiaryRegID, tmpBeneficiaryID, tmpBenVisitID, docFlag, pharmaFalg, oncologistFlag, - tcSpecialistFlag, (short) 0); + tcSpecialistFlag, (short) 0, doctorSignatureFlag); if (tcSpecialistFlag == 9) { int l = tCRequestModelRepo.updateStatusIfConsultationCompleted( From 3647439aa1cc4836f148d8399379a99eef894b2b Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Tue, 4 Nov 2025 13:09:36 +0530 Subject: [PATCH 12/39] fix: signature enhancement for casesheet for ncdscreening --- .../tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java | 2 +- .../tm/service/ncdscreening/NCDScreeningServiceImpl.java | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) 
diff --git a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java index 5bcc1d69..697dc14e 100644 --- a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java +++ b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java @@ -269,7 +269,7 @@ public int updateBenFlowStatusAfterDoctorActivityTCSpecialist(@Param("benFlowID" + " t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") public int updateBenFlowStatusAfterDoctorActivityUpdate(@Param("benFlowID") Long benFlowID, @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("docFlag") Short docFlag, - @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, @Param("tcSpecialistFlag") Short tcSpecialistFlag); + @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, @Param("tcSpecialistFlag") Short tcSpecialistFlag, @Param("signatureFlag") Boolean signatureFlag); @Query("SELECT t from BeneficiaryFlowStatus t " + " WHERE t.benVisitDate >= Date(:fromDate) AND t.vanID = :vanID AND t.radiologist_flag = 1 " diff --git a/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java index 0f750746..dc91a21a 100644 --- a/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java 
@@ -1023,6 +1023,11 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isTestPrescribed = false; Boolean isMedicinePrescribed = false; + Boolean doctorSignatureFlag = false; + if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + } + // checking if test is prescribed if (requestOBJ.has("investigation") && !requestOBJ.get("investigation").isJsonNull() && requestOBJ.get("investigation") != null) { @@ -1119,7 +1124,7 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E } int i = commonDoctorServiceImpl.updateBenFlowtableAfterDocDataSave(commonUtilityClass, isTestPrescribed, - isMedicinePrescribed, tcRequestOBJ); + isMedicinePrescribed, tcRequestOBJ, doctorSignatureFlag); if (i > 0) saveSuccessFlag = investigationSuccessFlag; From 7f43bb3f35469b3a67acc1edfc20ca27e472c326 Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Tue, 4 Nov 2025 13:17:15 +0530 Subject: [PATCH 13/39] fix: updated beneficiaryflowststusrepo file --- .../BeneficiaryFlowStatusRepo.java | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java index 697dc14e..579f7631 100644 --- a/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java +++ b/src/main/java/com/iemr/tm/repo/benFlowStatus/BeneficiaryFlowStatusRepo.java 
@@ -263,14 +263,16 @@ public int updateBenFlowStatusAfterDoctorActivityTCSpecialist(@Param("benFlowID" @Param("labTechnicianFlag") Short labTechnicianFlag, @Param("signatureFlag") Boolean signatureFlag); @Transactional - @Modifying - @Query("UPDATE BeneficiaryFlowStatus t set t.doctorFlag = :docFlag , t.pharmacist_flag = :pharmaFlag, " - + " t.oncologist_flag = :oncologistFlag , t.processed = 'U', t.doctorSignatureFlag = :signatureFlag" + " WHERE t.benFlowID = :benFlowID AND " - + " t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") - public int updateBenFlowStatusAfterDoctorActivityUpdate(@Param("benFlowID") Long benFlowID, - @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("docFlag") Short docFlag, - @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, @Param("tcSpecialistFlag") Short tcSpecialistFlag, @Param("signatureFlag") Boolean signatureFlag); - + @Modifying + @Query("UPDATE BeneficiaryFlowStatus t set t.doctorFlag = :docFlag , t.pharmacist_flag = :pharmaFlag, " + + " t.oncologist_flag = :oncologistFlag , t.processed = 'U', t.doctorSignatureFlag = :signatureFlag" + + " WHERE t.benFlowID = :benFlowID AND " + + " t.beneficiaryRegID = :benRegID AND t.beneficiaryID = :benID ") + public int updateBenFlowStatusAfterDoctorActivityUpdate(@Param("benFlowID") Long benFlowID, + @Param("benRegID") Long benRegID, @Param("benID") Long benID, @Param("docFlag") Short docFlag, + @Param("pharmaFlag") Short pharmaFlag, @Param("oncologistFlag") Short oncologistFlag, + @Param("signatureFlag") Boolean signatureFlag); + @Query("SELECT t from BeneficiaryFlowStatus t " + " WHERE t.benVisitDate >= Date(:fromDate) AND t.vanID = :vanID AND t.radiologist_flag = 1 " + " AND t.providerServiceMapId= :providerServiceMapId ORDER BY t.benVisitDate DESC ") From b23f4c7b640062ed28907c4517ac4407fa976e08 Mon Sep 17 00:00:00 2001 
From: Vanitha Date: Mon, 17 Nov 2025 15:01:08 +0530 Subject: [PATCH 14/39] fix: wasa-IDOR Vulnerability --- pom.xml | 16 +++++-- .../common/main/WorklistController.java | 46 +++++++++++++++---- .../login/IemrMmuLoginController.java | 34 ++++++++++++-- .../TeleConsultationController.java | 18 +++++++- .../VideoConsultationController.java | 20 ++++++-- src/main/java/com/iemr/tm/utils/JwtUtil.java | 4 ++ 6 files changed, 115 insertions(+), 23 deletions(-) diff --git a/pom.xml b/pom.xml index cd3a8f6d..c515352a 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.iemr.tm tm-api - 3.4.0 + 3.6.1 war TM-API @@ -59,12 +59,12 @@ org.springframework.boot spring-boot-starter - + co.elastic.logging @@ -128,6 +128,16 @@ lombok true + + org.slf4j + slf4j-api + ${slf4j.version} + + + org.slf4j + slf4j-simple + ${slf4j.version} + org.springframework.boot diff --git a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java index 36217a88..27558964 100644 --- a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java +++ b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java @@ -41,11 +41,14 @@ import com.iemr.tm.service.common.transaction.CommonDoctorServiceImpl; import com.iemr.tm.service.common.transaction.CommonNurseServiceImpl; import com.iemr.tm.service.common.transaction.CommonServiceImpl; +import com.iemr.tm.utils.CookieUtil; +import com.iemr.tm.utils.JwtUtil; import com.iemr.tm.utils.mapper.InputMapper; import com.iemr.tm.utils.response.OutputResponse; import io.lettuce.core.dynamic.annotation.Param; import io.swagger.v3.oas.annotations.Operation; +import jakarta.servlet.http.HttpServletRequest; @RestController @RequestMapping(value = "/common", headers = "Authorization", consumes = "application/json", produces = "application/json") 
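Review bot: The dependency hunk adds `slf4j-simple` next to `spring-boot-starter`, which normally brings its own logging backend unless that starter's logging is excluded; the XML tags are not legible here, so this needs confirming against the real pom. Two SLF4J backends on the classpath make it uncertain which one receives log events, and that matters for the audit and detection logging an access-control fix relies on. Declaring only `slf4j-api`, or limiting `slf4j-simple` to `test` scope, would avoid the conflict. The version bump and logging changes would also be easier to review in a commit separate from the IDOR fix.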
@@ -57,6 +60,9 @@ public class WorklistController { private CommonServiceImpl commonServiceImpl; private InputMapper inputMapper = new InputMapper(); + @Autowired + private JwtUtil jwtUtil; + @Autowired public void setCommonServiceImpl(CommonServiceImpl commonServiceImpl) { this.commonServiceImpl = commonServiceImpl; @@ -678,14 +684,20 @@ public String getBeneficiaryCaseSheetHistory( @Operation(summary = "Get teleconsultation specialist worklist") @GetMapping(value = { "/getTCSpecialistWorklist/{providerServiceMapID}/{serviceID}/{userID}" }) public String getTCSpecialistWorkListNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, - @PathVariable("userID") Integer userID, @PathVariable("serviceID") Integer serviceID) { + @PathVariable("userID") Integer userID, @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + String jwtToken = CookieUtil.getJwtTokenFromCookie(request); + String userId = jwtUtil.getUserIdFromToken(jwtToken); try { - if (providerServiceMapID != null && userID != null) { + if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewForTM(providerServiceMapID, userID, serviceID); if (s != null) response.setResponse(s); + } + else if(userId == null || !userID.toString().equals(userId)) + { + response.setError(5000, "Unauthorized access!"); } else { logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " + providerServiceMapID + " SID = " + userID); 
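Review bot: In getTCSpecialistWorkListNew the token is parsed with `CookieUtil.getJwtTokenFromCookie(request)` and `jwtUtil.getUserIdFromToken(jwtToken)` before the `try`, so if either throws on a missing cookie or an expired or malformed token (their bodies are not shown), the caller gets an unhandled error instead of the `OutputResponse`. The denial is reported with code 5000, the same code as an invalid request, while IemrMmuLoginController in this commit uses 5001 for the same condition; a distinct code, or an HTTP 401/403 status, would let clients and monitoring tell a refused request from a bad one. The `else if` also calls `userID.toString()` on a value the first branch has just allowed to be null. The controller mapping still requires an `Authorization` header while identity now comes only from the cookie, so it is worth confirming that every client of these endpoints sends the JWT cookie. The same pattern is repeated in getTCSpecialistWorkListNewPatientApp and getTCSpecialistWorklistFutureScheduled below, and a shared helper returning the authenticated user id would keep the three in step.

```java
OutputResponse response = new OutputResponse();
try {
    // token parsing inside the try so a missing or invalid cookie yields an error response
    String jwtToken = CookieUtil.getJwtTokenFromCookie(request);
    String userId = jwtUtil.getUserIdFromToken(jwtToken);
    if (providerServiceMapID == null || userID == null) {
        // … unchanged: invalid-request logging and setError(5000, …) …
    } else if (userId == null || !userID.toString().equals(userId)) {
        response.setError(5001, "Unauthorized access!");
    } else {
        // … unchanged: getTCSpecialistWorkListNewForTM call and setResponse …
    }
// … unchanged: catch block and return …
```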
@@ -705,15 +717,24 @@ public String getTCSpecialistWorkListNew(@PathVariable("providerServiceMapID") I "/getTCSpecialistWorklistPatientApp/{providerServiceMapID}/{serviceID}/{userID}/{vanID}" }) public String getTCSpecialistWorkListNewPatientApp( @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("userID") Integer userID, - @PathVariable("serviceID") Integer serviceID, @PathVariable("vanID") Integer vanID) { + @PathVariable("serviceID") Integer serviceID, @PathVariable("vanID") Integer vanID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + + String jwtToken = CookieUtil.getJwtTokenFromCookie(request); + String userId = jwtUtil.getUserIdFromToken(jwtToken); + try { - if (providerServiceMapID != null && userID != null) { + if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewForTMPatientApp(providerServiceMapID, userID, serviceID, vanID); if (s != null) response.setResponse(s); - } else { + } + else if(userId == null || !userID.toString().equals(userId)) + { + response.setError(5000, "Unauthorized access!"); + } + else { logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " + providerServiceMapID + " SID = " + userID); response.setError(5000, "Invalid request, either ProviderServiceMapID or userID is invalid"); 
@@ -732,15 +753,24 @@ public String getTCSpecialistWorkListNewPatientApp( "/getTCSpecialistWorklistFutureScheduled/{providerServiceMapID}/{serviceID}/{userID}" }) public String getTCSpecialistWorklistFutureScheduled( @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("userID") Integer userID, - @PathVariable("serviceID") Integer serviceID) { + @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + + String jwtToken = CookieUtil.getJwtTokenFromCookie(request); + String userId = jwtUtil.getUserIdFromToken(jwtToken); + try { - if (providerServiceMapID != null && userID != null) { + if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewFutureScheduledForTM(providerServiceMapID, userID, serviceID); if (s != null) response.setResponse(s); - } else { + } + else if(userId == null || !userID.toString().equals(userId)) + { + response.setError(5000, "Unauthorized access!"); + } + else { logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " + providerServiceMapID + " UserID = " + userID); response.setError(5000, "Invalid request, either ProviderServiceMapID or userID is invalid"); diff --git a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java index 6d2c06f7..c771f61a 100644 --- a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java +++ b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java 
@@ -35,10 +35,13 @@ import com.iemr.tm.controller.registrar.main.RegistrarController; import com.iemr.tm.service.login.IemrMmuLoginServiceImpl; +import com.iemr.tm.utils.CookieUtil; +import com.iemr.tm.utils.JwtUtil; import com.iemr.tm.utils.mapper.InputMapper; import com.iemr.tm.utils.response.OutputResponse; import io.swagger.v3.oas.annotations.Operation; +import jakarta.servlet.http.HttpServletRequest; @RestController @RequestMapping(value = "/user", headers = "Authorization", consumes = "application/json", produces = "application/json") @@ -49,6 +52,10 @@ public class IemrMmuLoginController { private IemrMmuLoginServiceImpl iemrMmuLoginServiceImpl; + + @Autowired + private JwtUtil jwtUtil; + @Autowired public void setIemrMmuLoginServiceImpl(IemrMmuLoginServiceImpl iemrMmuLoginServiceImpl) { this.iemrMmuLoginServiceImpl = iemrMmuLoginServiceImpl; @@ -57,12 +64,20 @@ public void setIemrMmuLoginServiceImpl(IemrMmuLoginServiceImpl iemrMmuLoginServi @Operation(summary = "Get user service point van details") @PostMapping(value = "/getUserServicePointVanDetails", produces = { "application/json" }) - public String getUserServicePointVanDetails(@RequestBody String comingRequest) { + public String getUserServicePointVanDetails(@RequestBody String comingRequest, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + + String jwtToken = CookieUtil.getJwtTokenFromCookie(request); + String userId = jwtUtil.getUserIdFromToken(jwtToken); + try { JSONObject obj = new JSONObject(comingRequest); logger.info("getUserServicePointVanDetails request " + comingRequest); + if (!obj.has("userID") || !obj.get("userID").toString().equals(userId)) { + response.setError(5001, "Unauthorized access - userID does not match token"); + return response.toString(); + } String responseData = iemrMmuLoginServiceImpl.getUserServicePointVanDetails(obj.getInt("userID")); response.setResponse(responseData); } catch (Exception e) { 
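Review bot: When the payload `userID` does not match the token in getUserServicePointVanDetails, the method returns error 5001 without writing anything to the log, so repeated attempts to read another user's van details leave no trace for monitoring. A line such as `logger.warn("getUserServicePointVanDetails denied: payload userID does not match token user " + userId);` before the `return` would record the event without echoing the token. The existing `logger.info(... + comingRequest)` also writes the raw request body to the log before the check; logging only the parsed `userID` after validation would keep caller-controlled text out of the log. getUserVanSpDetails in the next hunk has the same gap.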
@@ -97,16 +112,25 @@ public String getServicepointVillages(@RequestBody String comingRequest) { @Operation(summary = "Get user service point van details") @PostMapping(value = "/getUserVanSpDetails", produces = { "application/json" }) - public String getUserVanSpDetails(@RequestBody String comingRequest) { + public String getUserVanSpDetails(@RequestBody String comingRequest, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + String jwtToken = CookieUtil.getJwtTokenFromCookie(request); + String userId = jwtUtil.getUserIdFromToken(jwtToken); try { JSONObject obj = new JSONObject(comingRequest); logger.info("getServicepointVillages request " + comingRequest); + if (obj.has("userID") && obj.has("providerServiceMapID")) { - String responseData = iemrMmuLoginServiceImpl.getUserVanSpDetails(obj.getInt("userID"), - obj.getInt("providerServiceMapID")); - response.setResponse(responseData); + // read userID from payload and compare with userId from token + String payloadUserId = String.valueOf(obj.getInt("userID")); + if (payloadUserId.equals(userId)) { + String responseData = iemrMmuLoginServiceImpl.getUserVanSpDetails(obj.getInt("userID"), + obj.getInt("providerServiceMapID")); + response.setResponse(responseData); + } else { + response.setError(5001, "Unauthorized access - userID does not match token"); + } } else { response.setError(5000, "Invalid request"); } diff --git a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java index 92e95b44..6b7ac44c 100644 --- a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java +++ b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java 
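Review bot: In `getUserVanSpDetails` the payload `userID` is parsed once for the comparison and then read again with `obj.getInt("userID")` for the service call. Parse it a single time, `int payloadUserId = obj.getInt("userID");`, compare with `String.valueOf(payloadUserId).equals(userId)` and pass `payloadUserId` on, so the value that was checked is visibly the value that is used. The log line in this hunk still carries the label `getServicepointVillages request`, which looks copied from the neighbouring handler and makes these entries hard to attribute.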
@@ -30,6 +30,9 @@ import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; +import jakarta.servlet.http.HttpServletRequest; +import com.iemr.tm.utils.CookieUtil; +import com.iemr.tm.utils.JwtUtil; import com.google.gson.JsonElement; import com.google.gson.JsonObject; @@ -47,6 +50,9 @@ public class TeleConsultationController { @Autowired private TeleConsultationServiceImpl teleConsultationServiceImpl; + @Autowired + private JwtUtil jwtUtil; + @Operation(summary = "Update beneficiary arrival status based on request") @PostMapping(value = { "/update/benArrivalStatus" }) public String benArrivalStatusUpdater(@RequestBody String requestOBJ) { 
@@ -137,20 +143,28 @@ public String createTCRequestForBeneficiary(@RequestBody String requestOBJ, @Req // TC request List @Operation(summary = "Get teleconsultation request list for a specialist") @PostMapping(value = { "/getTCRequestList" }) - public String getTCSpecialistWorkListNew(@RequestBody String requestOBJ) { + public String getTCSpecialistWorkListNew(@RequestBody String requestOBJ, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + String jwtToken = CookieUtil.getJwtTokenFromCookie(request); + String userId = jwtUtil.getUserIdFromToken(jwtToken); + try { if (requestOBJ != null) { JsonObject jsnOBJ = new JsonObject(); JsonParser jsnParser = new JsonParser(); JsonElement jsnElmnt = jsnParser.parse(requestOBJ); jsnOBJ = jsnElmnt.getAsJsonObject(); - + if (jsnOBJ.get("userID").getAsInt() == Integer.parseInt(userId)) { String s = teleConsultationServiceImpl.getTCRequestListBySpecialistIdAndDate( jsnOBJ.get("psmID").getAsInt(), jsnOBJ.get("userID").getAsInt(), jsnOBJ.get("date").getAsString()); if (s != null) response.setResponse(s); + } + else + { + response.setError(5000, "Unauthorized access!"); + } } else { logger.error("Invalid request, either ProviderServiceMapID or userID or reqDate is invalid"); response.setError(5000, diff --git a/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java b/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java index aca8405a..4e83e6ed 100644 --- a/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java +++ b/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java 
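Review bot: The added comparison `jsnOBJ.get("userID").getAsInt() == Integer.parseInt(userId)` throws rather than denies when the payload has no `userID` (`get` returns null) or when the token's `userId` is null or not numeric. Whether that ends as a clean rejection depends on the catch block, which is outside the hunk. Guard the lookup and compare as strings: `if (userId != null && jsnOBJ.has("userID") && userId.equals(jsnOBJ.get("userID").getAsString())) {`. The lines wrapped by the new `if` were also left at their old indentation, which hides the new nesting.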
@@ -32,6 +32,9 @@ import com.iemr.tm.service.videoconsultation.VideoConsultationService; import com.iemr.tm.utils.response.OutputResponse; +import jakarta.servlet.http.HttpServletRequest; +import com.iemr.tm.utils.CookieUtil; +import com.iemr.tm.utils.JwtUtil; import io.swagger.v3.oas.annotations.Operation; @@ -44,19 +47,26 @@ public class VideoConsultationController { @Autowired private VideoConsultationService videoConsultationService; + @Autowired + private JwtUtil jwtUtil; + @Operation(summary = "Login to video consultation service") @GetMapping(value = "/login/{userID}", headers = "Authorization", produces = { "application/json" }) - public String login(@PathVariable("userID") Long userID) { + public String login(@PathVariable("userID") Long userID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + String jwtToken = CookieUtil.getJwtTokenFromCookie(request); + String userId = jwtUtil.getUserIdFromToken(jwtToken); try { + if(userID.toString().equals(userId)) { + String createdData = videoConsultationService.login(userID); - String createdData = videoConsultationService.login(userID); - - response.setResponse(createdData.toString()); - + response.setResponse(createdData.toString()); + }else { + response.setError(5000, "Unauthorized access!"); + } } catch (Exception e) { logger.error(e.getMessage()); response.setError(e); diff --git a/src/main/java/com/iemr/tm/utils/JwtUtil.java b/src/main/java/com/iemr/tm/utils/JwtUtil.java index 2639896e..6081f15d 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUtil.java +++ b/src/main/java/com/iemr/tm/utils/JwtUtil.java @@ -66,4 +66,8 @@ private Claims extractAllClaims(String token) { .parseSignedClaims(token) .getPayload(); } + + public String getUserIdFromToken(String token) { + return extractAllClaims(token).get("userId", String.class); + } } From 9cd210c5737fdf978d0559e6d9d5c10df733aba6 Mon Sep 17 00:00:00 2001 
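Review bot: `getUserIdFromToken` in JwtUtil is the value every new ownership check depends on, yet it has no Javadoc and no handling for an unexpected claim. `get("userId", String.class)` returns null when the claim is absent, and jjwt raises `RequiredTypeException` when the claim is stored as a number rather than a string; how the issuer writes `userId` is not visible in this patch. Document both outcomes, e.g. `/** Returns the userId claim of a verified token, or null if the claim is absent; throws if verification fails. */`, and confirm the claim's type against the code that issues the token.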
From: Vanitha Date: Mon, 17 Nov 2025 15:54:45 +0530 Subject: [PATCH 15/39] fix: coderabbit comments --- pom.xml | 14 ++------- .../common/main/WorklistController.java | 31 +++++++------------ .../login/IemrMmuLoginController.java | 4 +-- .../TeleConsultationController.java | 11 +++---- .../VideoConsultationController.java | 6 ++-- src/main/java/com/iemr/tm/utils/JwtUtil.java | 11 +++++-- 6 files changed, 30 insertions(+), 47 deletions(-) diff --git a/pom.xml b/pom.xml index c515352a..530d60e7 100644 --- a/pom.xml +++ b/pom.xml @@ -59,12 +59,12 @@ org.springframework.boot spring-boot-starter - + co.elastic.logging @@ -128,16 +128,6 @@ lombok true - - org.slf4j - slf4j-api - ${slf4j.version} - - - org.slf4j - slf4j-simple - ${slf4j.version} - org.springframework.boot diff --git a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java index 27558964..acf7c4b0 100644 --- a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java +++ b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java 
@@ -686,18 +686,16 @@ public String getBeneficiaryCaseSheetHistory( public String getTCSpecialistWorkListNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("userID") Integer userID, @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - try { if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewForTM(providerServiceMapID, userID, serviceID); if (s != null) response.setResponse(s); - } - else if(userId == null || !userID.toString().equals(userId)) - { - response.setError(5000, "Unauthorized access!"); + } else if(userId == null || !userID.toString().equals(userId)) { + response.setError(403, "Unauthorized access!"); } else { logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " + providerServiceMapID + " SID = " + userID); 
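Review bot: The `else if(userId == null || !userID.toString().equals(userId))` branch in `getTCSpecialistWorkListNew` re-tests the negation of the first condition, so the authorization decision is spread over two branches and the final `else` is reached only when `providerServiceMapID` is null. Put the identity check first as a guard, `if (userId == null || userID == null || !userId.equals(userID.toString())) { response.setError(403, "Unauthorized access!"); }`, and leave parameter validation to the branch after it. As written, a null `userID` combined with a non-null `userId` would reach `userID.toString()` in the `else if`. The hunks for `getTCSpecialistWorkListNewPatientApp` and `getTCSpecialistWorklistFutureScheduled` repeat the pattern; the catch blocks are outside the hunks.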
@@ -719,22 +717,18 @@ public String getTCSpecialistWorkListNewPatientApp( @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("userID") Integer userID, @PathVariable("serviceID") Integer serviceID, @PathVariable("vanID") Integer vanID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); - + try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - try { if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewForTMPatientApp(providerServiceMapID, userID, serviceID, vanID); if (s != null) response.setResponse(s); - } - else if(userId == null || !userID.toString().equals(userId)) - { - response.setError(5000, "Unauthorized access!"); - } - else { + } else if(userId == null || !userID.toString().equals(userId)) { + response.setError(403, "Unauthorized access!"); + } else { logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " + providerServiceMapID + " SID = " + userID); response.setError(5000, "Invalid request, either ProviderServiceMapID or userID is invalid"); 
@@ -755,22 +749,19 @@ public String getTCSpecialistWorklistFutureScheduled( @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("userID") Integer userID, @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - try { if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewFutureScheduledForTM(providerServiceMapID, userID, serviceID); if (s != null) response.setResponse(s); - } - else if(userId == null || !userID.toString().equals(userId)) - { - response.setError(5000, "Unauthorized access!"); - } - else { + } else if(userId == null || !userID.toString().equals(userId)) { + response.setError(403, "Unauthorized access!"); + } else { logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " + providerServiceMapID + " UserID = " + userID); response.setError(5000, "Invalid request, either ProviderServiceMapID or userID is invalid"); diff --git a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java index c771f61a..04c8b5c7 100644 --- a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java +++ b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java 
@@ -114,9 +114,9 @@ public String getServicepointVillages(@RequestBody String comingRequest) { @PostMapping(value = "/getUserVanSpDetails", produces = { "application/json" }) public String getUserVanSpDetails(@RequestBody String comingRequest, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - try { JSONObject obj = new JSONObject(comingRequest); logger.info("getServicepointVillages request " + comingRequest); @@ -129,7 +129,7 @@ public String getUserVanSpDetails(@RequestBody String comingRequest, HttpServlet obj.getInt("providerServiceMapID")); response.setResponse(responseData); } else { - response.setError(5001, "Unauthorized access - userID does not match token"); + response.setError(403, "Unauthorized access - userID does not match token"); } } else { response.setError(5000, "Invalid request"); diff --git a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java index 6b7ac44c..2fd3ef46 100644 --- a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java +++ b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java 
@@ -145,27 +145,24 @@ public String createTCRequestForBeneficiary(@RequestBody String requestOBJ, @Req @PostMapping(value = { "/getTCRequestList" }) public String getTCSpecialistWorkListNew(@RequestBody String requestOBJ, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - try { if (requestOBJ != null) { JsonObject jsnOBJ = new JsonObject(); JsonParser jsnParser = new JsonParser(); JsonElement jsnElmnt = jsnParser.parse(requestOBJ); jsnOBJ = jsnElmnt.getAsJsonObject(); - if (jsnOBJ.get("userID").getAsInt() == Integer.parseInt(userId)) { + if (userId != null && jsnOBJ.has("userID") && jsnOBJ.get("userID").getAsString().equals(userId)) { String s = teleConsultationServiceImpl.getTCRequestListBySpecialistIdAndDate( jsnOBJ.get("psmID").getAsInt(), jsnOBJ.get("userID").getAsInt(), jsnOBJ.get("date").getAsString()); if (s != null) response.setResponse(s); - } - else - { - response.setError(5000, "Unauthorized access!"); - } } else { + response.setError(403, "Unauthorized access!"); + } } else { logger.error("Invalid request, either ProviderServiceMapID or userID or reqDate is invalid"); response.setError(5000, "Invalid request, either ProviderServiceMapID or UserID or RequestDate is invalid"); diff --git a/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java b/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java index 4e83e6ed..90243696 100644 --- a/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java +++ b/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java 
@@ -56,16 +56,16 @@ public class VideoConsultationController { public String login(@PathVariable("userID") Long userID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); + try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - try { if(userID.toString().equals(userId)) { String createdData = videoConsultationService.login(userID); response.setResponse(createdData.toString()); - }else { - response.setError(5000, "Unauthorized access!"); + } else { + response.setError(403, "Unauthorized access!"); } } catch (Exception e) { logger.error(e.getMessage()); diff --git a/src/main/java/com/iemr/tm/utils/JwtUtil.java b/src/main/java/com/iemr/tm/utils/JwtUtil.java index 6081f15d..e0576c71 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUtil.java +++ b/src/main/java/com/iemr/tm/utils/JwtUtil.java @@ -67,7 +67,12 @@ private Claims extractAllClaims(String token) { .getPayload(); } - public String getUserIdFromToken(String token) { - return extractAllClaims(token).get("userId", String.class); - } + public String getUserIdFromToken(String token) { + Claims claims = validateToken(token); + if (claims == null) { + return null; + } + return claims.get("userId", String.class); + } } + From 5e5aca1c9852eaa4ff1ede89ceb57e2183cb4b86 Mon Sep 17 00:00:00 2001 From: 5Amogh Date: Mon, 17 Nov 2025 18:05:12 +0530 Subject: [PATCH 16/39] fix: amm-1927 res headers based on origin via allowed cors --- .../tm/utils/JwtUserIdValidationFilter.java | 45 +++++++++++++++---- .../tm/utils/http/HTTPRequestInterceptor.java | 36 ++++++++++++++- 2 files changed, 72 insertions(+), 9 deletions(-) diff --git a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java index 5d6c05b3..232f6706 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java 
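Review bot: `getUserIdFromToken` in JwtUtil now returns null when `validateToken` yields no claims, which changes the contract callers rely on, and nothing on the method says so. Add Javadoc such as `/** Returns the userId claim, or null when the token fails validation or carries no such claim. */` so callers know a null check is required before the result is used. `validateToken` is not shown in this hunk, so whether it returns null or throws for an expired token should be confirmed there. In `VideoConsultationController.login` in the same patch, `userID.toString().equals(userId)` already tolerates the null.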
@@ -37,28 +37,58 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo HttpServletResponse response = (HttpServletResponse) servletResponse; String origin = request.getHeader("Origin"); + String method = request.getMethod(); + String uri = request.getRequestURI(); logger.debug("Incoming Origin: {}", origin); logger.debug("Allowed Origins Configured: {}", allowedOrigins); + if ("OPTIONS".equalsIgnoreCase(method)) { + if (origin == null) { + logger.warn("BLOCKED - OPTIONS request without Origin header | Method: {} | URI: {}", method, uri); + response.sendError(HttpServletResponse.SC_FORBIDDEN, "OPTIONS request requires Origin header"); + return; + } + if (!isOriginAllowed(origin)) { + logger.warn("BLOCKED - Unauthorized Origin | Origin: {} | Method: {} | URI: {}", origin, method, uri); + response.sendError(HttpServletResponse.SC_FORBIDDEN, "Origin not allowed"); + return; + } + } else { + // For non-OPTIONS requests, validate origin if present + if (origin != null && !isOriginAllowed(origin)) { + logger.warn("BLOCKED - Unauthorized Origin | Origin: {} | Method: {} | URI: {}", origin, method, uri); + response.sendError(HttpServletResponse.SC_FORBIDDEN, "Origin not allowed"); + return; + } + } + + String path = request.getRequestURI(); + String contextPath = request.getContextPath(); if (origin != null && isOriginAllowed(origin)) { - response.setHeader("Access-Control-Allow-Origin", origin); - response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS"); - response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, Jwttoken"); - response.setHeader("Vary", "Origin"); + response.setHeader("Access-Control-Allow-Origin", origin); // Never use wildcard + response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS"); + response.setHeader("Access-Control-Allow-Headers", + "Authorization, Content-Type, Accept, Jwttoken, serverAuthorization, ServerAuthorization, 
serverauthorization, Serverauthorization"); response.setHeader("Access-Control-Allow-Credentials", "true"); + response.setHeader("Access-Control-Max-Age", "3600"); + logger.info("Origin Validated | Origin: {} | Method: {} | URI: {}", origin, method, uri); } else { logger.warn("Origin [{}] is NOT allowed. CORS headers NOT added.", origin); } if ("OPTIONS".equalsIgnoreCase(request.getMethod())) { + // OPTIONS (preflight) - respond with full allowed methods + response.setHeader("Access-Control-Allow-Origin", origin); + response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS"); + response.setHeader("Access-Control-Allow-Headers", + "Authorization, Content-Type, Accept, Jwttoken, serverAuthorization, ServerAuthorization, serverauthorization, Serverauthorization"); + response.setHeader("Access-Control-Allow-Credentials", "true"); logger.info("OPTIONS request - skipping JWT validation"); response.setStatus(HttpServletResponse.SC_OK); return; } - String path = request.getRequestURI(); - String contextPath = request.getContextPath(); logger.info("JwtUserIdValidationFilter invoked for path: " + path); // Log cookies for debugging @@ -141,8 +171,7 @@ private boolean isOriginAllowed(String origin) { .anyMatch(pattern -> { String regex = pattern .replace(".", "\\.") - .replace("*", ".*") - .replace("http://localhost:.*", "http://localhost:\\d+"); // special case for wildcard port + .replace("*", ".*"); boolean matched = origin.matches(regex); return matched; diff --git a/src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java b/src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java index 2da14401..703af427 100644 --- a/src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java +++ b/src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java 
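Review bot: `Vary: Origin` is no longer sent although `Access-Control-Allow-Origin` still echoes the request's `Origin`, so a shared cache or the browser cache can replay a response carrying one origin's CORS headers to another origin. Restore `response.setHeader("Vary", "Origin");` next to the other headers in `doFilter`. The lines added to the OPTIONS block at the end of the hunk set the same headers a second time after the origin has already been validated and could be reduced to the status and the `return`. `HTTPRequestInterceptor.preHandle` later in this patch reflects the origin without `Vary` as well; `doFilter` continues past the hunk.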
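Review bot: With the localhost special case removed, every `*` in a configured origin becomes `.*` in `isOriginAllowed`, and `.*` also matches dots, colons and slashes, so a wildcard entry accepts more than a single host label or a port number. Only `.` is escaped, so any other regex metacharacter in the configuration is interpreted as well. Build the regex from `Pattern.quote(...)` pieces joined with a narrower wildcard such as `[^.:/]*`; how wildcard entries are actually written in the allowed-origins setting is not visible here. The copy of this method added to `HTTPRequestInterceptor` in the same patch performs the same conversion, and one shared helper would keep the two from drifting apart.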
@@ -21,11 +21,14 @@ */ package com.iemr.tm.utils.http; +import java.util.Arrays; + import javax.ws.rs.core.MediaType; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.HandlerInterceptor; @@ -39,6 +42,9 @@ @Component public class HTTPRequestInterceptor implements HandlerInterceptor { Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName()); + + @Value("${cors.allowed-origins}") + private String allowedOrigins; private SessionObject sessionObject; @@ -95,7 +101,13 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons response.getOutputStream().print(output.toString()); response.setContentType(MediaType.APPLICATION_JSON); response.setContentLength(output.toString().length()); - response.setHeader("Access-Control-Allow-Origin", "*"); + String origin = request.getHeader("Origin"); + if (origin != null && isOriginAllowed(origin)) { + response.setHeader("Access-Control-Allow-Origin", origin); + response.setHeader("Access-Control-Allow-Credentials", "true"); + } else if (origin != null) { + logger.warn("CORS headers NOT added for error response | Unauthorized origin: {}", origin); + } status = false; } } 
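Review bot: In `preHandle` the new `Access-Control-Allow-Origin` and `Access-Control-Allow-Credentials` headers are set after `response.getOutputStream().print(output.toString())`, and headers added once the response is committed are ignored by the servlet container. A short body normally stays in the buffer, so this may work today, but it depends on the buffer size. Move the origin check, together with the `setContentType` and `setContentLength` calls, above the `print` call. The `@Value("${cors.allowed-origins}")` field also has no default, so a missing property would presumably fail bean creation, whereas `${cors.allowed-origins:}` would fall into the deny path of `isOriginAllowed`. `preHandle` begins and ends outside the hunk.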
@@ -126,4 +138,26 @@ public void afterCompletion(HttpServletRequest request, HttpServletResponse resp throws Exception { logger.debug("In afterCompletion Request Completed"); } + + /** + * Check if the given origin is allowed based on configured allowedOrigins. + * Uses the same logic as JwtUserIdValidationFilter for consistency. + * + * @param origin The origin to validate + * @return true if origin is allowed, false otherwise + */ + private boolean isOriginAllowed(String origin) { + if (origin == null || allowedOrigins == null || allowedOrigins.trim().isEmpty()) { + return false; + } + + return Arrays.stream(allowedOrigins.split(",")) + .map(String::trim) + .anyMatch(pattern -> { + String regex = pattern + .replace(".", "\\.") + .replace("*", ".*"); + return origin.matches(regex); + }); + } } \ No newline at end of file From c8f1b3380abcdc136abaa623b4839620aa6a61c8 Mon Sep 17 00:00:00 2001 From: 5Amogh Date: Mon, 17 Nov 2025 18:19:23 +0530 Subject: [PATCH 17/39] fix: amm-1927 coderabbit comments resolved --- .../com/iemr/tm/utils/JwtUserIdValidationFilter.java | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java index 232f6706..ba64e272 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java 
@@ -77,18 +77,6 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo logger.warn("Origin [{}] is NOT allowed. CORS headers NOT added.", origin); } - if ("OPTIONS".equalsIgnoreCase(request.getMethod())) { - // OPTIONS (preflight) - respond with full allowed methods - response.setHeader("Access-Control-Allow-Origin", origin); - response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS"); - response.setHeader("Access-Control-Allow-Headers", - "Authorization, Content-Type, Accept, Jwttoken, serverAuthorization, ServerAuthorization, serverauthorization, Serverauthorization"); - response.setHeader("Access-Control-Allow-Credentials", "true"); - logger.info("OPTIONS request - skipping JWT validation"); - response.setStatus(HttpServletResponse.SC_OK); - return; - } - logger.info("JwtUserIdValidationFilter invoked for path: " + path); // Log cookies for debugging From 8b431b6b4eb4922a0e473367b58beb510cdaba3a Mon Sep 17 00:00:00 2001 From: Amoghavarsh <93114621+5Amogh@users.noreply.github.com> Date: Tue, 18 Nov 2025 10:55:37 +0530 Subject: [PATCH 18/39] localhost regex added --- src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java index ba64e272..79708478 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java @@ -159,7 +159,8 @@ private boolean isOriginAllowed(String origin) { .anyMatch(pattern -> { String regex = pattern .replace(".", "\\.") - .replace("*", ".*"); + .replace("*", ".*") + .replace("http://localhost:.*", "http://localhost:\\d+"); boolean matched = origin.matches(regex); return matched; From ce2a0b0869b76d614a8457f370142306a419536f Mon Sep 17 00:00:00 2001 
From: Amoghavarsh <93114621+5Amogh@users.noreply.github.com> Date: Tue, 18 Nov 2025 10:59:23 +0530 Subject: [PATCH 19/39] Update regex pattern for localhost in interceptor --- .../java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java b/src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java index 703af427..f8160d83 100644 --- a/src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java +++ b/src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java @@ -156,8 +156,9 @@ private boolean isOriginAllowed(String origin) { .anyMatch(pattern -> { String regex = pattern .replace(".", "\\.") - .replace("*", ".*"); + .replace("*", ".*") + .replace("http://localhost:.*", "http://localhost:\\d+"); return origin.matches(regex); }); } -} \ No newline at end of file +} From c455c663d28bc7e07d81a7e685aa7777c0cb86a2 Mon Sep 17 00:00:00 2001 From: Vanitha Date: Tue, 18 Nov 2025 17:03:00 +0530 Subject: [PATCH 20/39] fix: remove userid from request --- .../common/main/WorklistController.java | 44 +++++++++---------- .../login/IemrMmuLoginController.java | 27 +++++------- .../TeleConsultationController.java | 9 ++-- 3 files changed, 38 insertions(+), 42 deletions(-) diff --git a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java index acf7c4b0..308ecf81 100644 --- a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java +++ b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java 
@@ -682,24 +682,24 @@ public String getBeneficiaryCaseSheetHistory( // TC specialist worklist new @Operation(summary = "Get teleconsultation specialist worklist") - @GetMapping(value = { "/getTCSpecialistWorklist/{providerServiceMapID}/{serviceID}/{userID}" }) + @GetMapping(value = { "/getTCSpecialistWorklist/{providerServiceMapID}/{serviceID}" }) public String getTCSpecialistWorkListNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, - @PathVariable("userID") Integer userID, @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { + @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { + Integer userID=Integer.parseInt(userId); + if (providerServiceMapID != null && userId != null ) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewForTM(providerServiceMapID, userID, serviceID); if (s != null) response.setResponse(s); - } else if(userId == null || !userID.toString().equals(userId)) { + } else if(userId == null || jwtToken == null) { response.setError(403, "Unauthorized access!"); } else { - logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " - + providerServiceMapID + " SID = " + userID); - response.setError(5000, "Invalid request, either ProviderServiceMapID or userID is invalid"); + logger.error("Invalid request"); + response.setError(5000, "Invalid request"); } } catch (Exception e) { 
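Review bot: `Integer userID=Integer.parseInt(userId);` runs before any null check, and since `getUserIdFromToken` can return null, a missing or invalid token now raises `NumberFormatException` instead of reaching the `else if(userId == null || jwtToken == null)` branch that sets 403. Test `userId` first, `if (userId == null) { response.setError(403, "Unauthorized access!"); }`, and call `Integer.parseInt(userId)` only in the branch that follows. The same order appears in the `getTCSpecialistWorkListNewPatientApp` and `getTCSpecialistWorklistFutureScheduled` hunks, where the first condition tests the parsed `userID` that can no longer be null, and in `IemrMmuLoginController.getUserServicePointVanDetails`. What the client receives today depends on the catch blocks, which are outside the hunks.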
@@ -712,26 +712,25 @@ public String getTCSpecialistWorkListNew(@PathVariable("providerServiceMapID") I // TC specialist worklist new, patient App, 14-08-2020 @Operation(summary = "Get teleconsultation specialist worklist for patient app") @GetMapping(value = { - "/getTCSpecialistWorklistPatientApp/{providerServiceMapID}/{serviceID}/{userID}/{vanID}" }) + "/getTCSpecialistWorklistPatientApp/{providerServiceMapID}/{serviceID}/{vanID}" }) public String getTCSpecialistWorkListNewPatientApp( - @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("userID") Integer userID, + @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("serviceID") Integer serviceID, @PathVariable("vanID") Integer vanID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - - if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { + Integer userID=Integer.parseInt(userId); + if (providerServiceMapID != null && userID != null) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewForTMPatientApp(providerServiceMapID, userID, serviceID, vanID); if (s != null) response.setResponse(s); - } else if(userId == null || !userID.toString().equals(userId)) { + } else if(userId == null || jwtToken == null) { response.setError(403, "Unauthorized access!"); } else { - logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " - + providerServiceMapID + " SID = " + userID); - response.setError(5000, "Invalid request, either ProviderServiceMapID or userID is invalid"); + logger.error("Invalid request"); + response.setError(5000, "Invalid request"); } } catch (Exception e) { 
@@ -744,27 +743,26 @@ public String getTCSpecialistWorkListNewPatientApp( // TC specialist worklist new future scheduled @Operation(summary = "Get teleconsultation specialist future scheduled") @GetMapping(value = { - "/getTCSpecialistWorklistFutureScheduled/{providerServiceMapID}/{serviceID}/{userID}" }) + "/getTCSpecialistWorklistFutureScheduled/{providerServiceMapID}/{serviceID}" }) public String getTCSpecialistWorklistFutureScheduled( - @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("userID") Integer userID, + @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { OutputResponse response = new OutputResponse(); try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); - - if (providerServiceMapID != null && userID != null && userID.toString().equals(userId)) { + Integer userID=Integer.parseInt(userId); + if (providerServiceMapID != null && userID != null ) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewFutureScheduledForTM(providerServiceMapID, userID, serviceID); if (s != null) response.setResponse(s); - } else if(userId == null || !userID.toString().equals(userId)) { + } else if(userId == null || jwtToken == null) { response.setError(403, "Unauthorized access!"); } else { - logger.error("Invalid request, either ProviderServiceMapID or userID is invalid. PSMID = " - + providerServiceMapID + " UserID = " + userID); - response.setError(5000, "Invalid request, either ProviderServiceMapID or userID is invalid"); + logger.error("Invalid request"); + response.setError(5000, "Invalid request"); } } catch (Exception e) { diff --git a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java index 04c8b5c7..de8c36f5 100644 
--- a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java +++ b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java @@ -66,19 +66,19 @@ public void setIemrMmuLoginServiceImpl(IemrMmuLoginServiceImpl iemrMmuLoginServi "application/json" }) public String getUserServicePointVanDetails(@RequestBody String comingRequest, HttpServletRequest request) { OutputResponse response = new OutputResponse(); - - String jwtToken = CookieUtil.getJwtTokenFromCookie(request); - String userId = jwtUtil.getUserIdFromToken(jwtToken); - try { + String jwtToken = CookieUtil.getJwtTokenFromCookie(request); + String userId = jwtUtil.getUserIdFromToken(jwtToken); + Integer userID=Integer.parseInt(userId); + JSONObject obj = new JSONObject(comingRequest); logger.info("getUserServicePointVanDetails request " + comingRequest); - if (!obj.has("userID") || !obj.get("userID").toString().equals(userId)) { - response.setError(5001, "Unauthorized access - userID does not match token"); + if (userId == null || jwtToken ==null) { + response.setError(403, "Unauthorized access: Missing or invalid token"); return response.toString(); } - String responseData = iemrMmuLoginServiceImpl.getUserServicePointVanDetails(obj.getInt("userID")); + String responseData = iemrMmuLoginServiceImpl.getUserServicePointVanDetails(userID); response.setResponse(responseData); } catch (Exception e) { // e.printStackTrace(); 
@@ -117,21 +117,18 @@ public String getUserVanSpDetails(@RequestBody String comingRequest, HttpServlet try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); + Integer userID=Integer.parseInt(userId); JSONObject obj = new JSONObject(comingRequest); logger.info("getServicepointVillages request " + comingRequest); - if (obj.has("userID") && obj.has("providerServiceMapID")) { - // read userID from payload and compare with userId from token - String payloadUserId = String.valueOf(obj.getInt("userID")); - if (payloadUserId.equals(userId)) { - String responseData = iemrMmuLoginServiceImpl.getUserVanSpDetails(obj.getInt("userID"), + if (userId !=null && obj.has("providerServiceMapID")) { + String responseData = iemrMmuLoginServiceImpl.getUserVanSpDetails(userID, obj.getInt("providerServiceMapID")); response.setResponse(responseData); + } else if(userId == null || jwtToken ==null) { + response.setError(403, "Unauthorized access : Missing or invalid token"); } else { - response.setError(403, "Unauthorized access - userID does not match token"); - } - } else { response.setError(5000, "Invalid request"); } } catch (Exception e) { diff --git a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java index 2fd3ef46..390d05c7 100644 --- a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java +++ b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java 
@@ -148,24 +148,25 @@ public String getTCSpecialistWorkListNew(@RequestBody String requestOBJ, HttpSer try { String jwtToken = CookieUtil.getJwtTokenFromCookie(request); String userId = jwtUtil.getUserIdFromToken(jwtToken); + Integer userID=Integer.parseInt(userId); if (requestOBJ != null) { JsonObject jsnOBJ = new JsonObject(); JsonParser jsnParser = new JsonParser(); JsonElement jsnElmnt = jsnParser.parse(requestOBJ); jsnOBJ = jsnElmnt.getAsJsonObject(); - if (userId != null && jsnOBJ.has("userID") && jsnOBJ.get("userID").getAsString().equals(userId)) { + if (userId != null) { String s = teleConsultationServiceImpl.getTCRequestListBySpecialistIdAndDate( - jsnOBJ.get("psmID").getAsInt(), jsnOBJ.get("userID").getAsInt(), + jsnOBJ.get("psmID").getAsInt(), userID, jsnOBJ.get("date").getAsString()); if (s != null) response.setResponse(s); } else { response.setError(403, "Unauthorized access!"); } } else { - logger.error("Invalid request, either ProviderServiceMapID or userID or reqDate is invalid"); + logger.error("Invalid request, either ProviderServiceMapID or reqDate is invalid"); response.setError(5000, - "Invalid request, either ProviderServiceMapID or UserID or RequestDate is invalid"); + "Invalid request, either ProviderServiceMapID or RequestDate is invalid"); } } catch (Exception e) { From 2e761608ba3e9a22c695a1c5d793dc4ed8b7814a Mon Sep 17 00:00:00 2001 
From: Vanitha S <116701245+vanitha1822@users.noreply.github.com> Date: Thu, 27 Nov 2025 14:26:13 +0530 Subject: [PATCH 21/39] Role Based Broken Access Control Implementation : WASA (#104) * fix: add @preAuthorize to RBAC * fix: wasa RBAC implementation * fix: remove duplicate dependency * fix: coderabbit comments * fix: update role * fix: enable the request matcher --- pom.xml | 5 + .../anc/AntenatalCareController.java | 15 +++ .../CancerScreeningController.java | 17 ++++ .../common/main/WorklistController.java | 40 +++++++- .../common/master/CommonMasterController.java | 2 + .../controller/covid19/CovidController.java | 10 ++ .../dataSyncActivity/StartSyncActivity.java | 3 + .../MMUDataSyncVanToServer.java | 2 + .../FoetalMonitorController.java | 1 + .../generalOPD/GeneralOPDController.java | 15 ++- .../LabtechnicianController.java | 2 + .../location/LocationController.java | 2 + .../login/IemrMmuLoginController.java | 2 + .../controller/ncdCare/NCDCareController.java | 11 ++- .../ncdscreening/NCDScreeningController.java | 16 +++- .../vitals/AnthropometryVitalsController.java | 2 + .../PatientAppCommonMasterController.java | 11 +++ .../pnc/PostnatalCareController.java | 16 +++- .../quickconsult/QuickConsultController.java | 7 ++ .../registrar/main/RegistrarController.java | 17 ++++ .../report/CRMReportController.java | 3 + .../controller/snomedct/SnomedController.java | 2 + .../TeleConsultationController.java | 2 + .../com/iemr/tm/repo/login/UserLoginRepo.java | 5 + .../iemr/tm/utils/JwtAuthenticationUtil.java | 15 +++ src/main/java/com/iemr/tm/utils/JwtUtil.java | 2 +- .../exception/CustomAccessDeniedHandler.java | 28 ++++++ .../CustomAuthenticationEntryPoint.java | 23 +++++ .../mapper/RoleAuthenticationFilter.java | 96 +++++++++++++++++++ .../iemr/tm/utils/mapper/SecurityConfig.java | 53 ++++++++++ .../com/iemr/tm/utils/redis/RedisStorage.java | 27 ++++++ 31 files changed, 444 insertions(+), 8 deletions(-) create mode 100644 
src/main/java/com/iemr/tm/utils/exception/CustomAccessDeniedHandler.java create mode 100644 src/main/java/com/iemr/tm/utils/exception/CustomAuthenticationEntryPoint.java create mode 100644 src/main/java/com/iemr/tm/utils/mapper/RoleAuthenticationFilter.java create mode 100644 src/main/java/com/iemr/tm/utils/mapper/SecurityConfig.java diff --git a/pom.xml b/pom.xml index 530d60e7..46273131 100644 --- a/pom.xml +++ b/pom.xml @@ -56,6 +56,10 @@ org.springframework.boot spring-boot-starter-aop + + org.springframework.boot + spring-boot-starter-security + org.springframework.boot spring-boot-starter @@ -71,6 +75,7 @@ logback-ecs-encoder 1.3.2 + org.springdoc diff --git a/src/main/java/com/iemr/tm/controller/anc/AntenatalCareController.java b/src/main/java/com/iemr/tm/controller/anc/AntenatalCareController.java index aef00a49..2d048061 100644 --- a/src/main/java/com/iemr/tm/controller/anc/AntenatalCareController.java +++ b/src/main/java/com/iemr/tm/controller/anc/AntenatalCareController.java @@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.PostMapping; @@ -66,6 +67,7 @@ public void setAncServiceImpl(ANCServiceImpl ancServiceImpl) { */ @Operation(summary = "Save ANC nurse data") @PostMapping(value = { "/save/nurseData" }) + @PreAuthorize("hasRole('NURSE') ") public String saveBenANCNurseData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) throws Exception { OutputResponse response = new OutputResponse(); 
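Review bot: `@PreAuthorize("hasRole('NURSE') ")` on saveBenANCNurseData restricts access only if method security is switched on (for example `@EnableMethodSecurity` on the configuration class) and if the authorities built by the new RoleAuthenticationFilter carry the `ROLE_` prefix that `hasRole` adds by default. Neither SecurityConfig.java nor the filter is visible in this part of the patch, so both are worth confirming with a test that a token without the nurse role receives 403 on this endpoint. The trailing space inside the expression is harmless but should go: `@PreAuthorize("hasRole('NURSE')")`. The method body continues outside the hunk.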
@@ -98,6 +100,7 @@ public String saveBenANCNurseData(@RequestBody String requestObj, @Operation(summary = "Save ANC doctor data") @PostMapping(value = { "/save/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String saveBenANCDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -132,6 +135,7 @@ public String saveBenANCDoctorData(@RequestBody String requestObj, @Operation(summary = "Get ANC beneficiary visit details from nurse") @PostMapping(value = { "/getBenVisitDetailsFrmNurseANC" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVisitDetailsFrmNurseANC( @Param(value = "{\"benRegID\":\"Long\", \"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -158,6 +162,7 @@ public String getBenVisitDetailsFrmNurseANC( @Operation(summary = "Get ANC beneficiary details from nurse") @PostMapping(value = { "/getBenANCDetailsFrmNurseANC" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenANCDetailsFrmNurseANC( @Param(value = "{\"benRegID\":\"Long\", \"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -184,6 +189,7 @@ public String getBenANCDetailsFrmNurseANC( @Operation(summary = "Get ANC beneficiary history from nurse") @PostMapping(value = { "/getBenANCHistoryDetails" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenANCHistoryDetails( @Param(value = "{\"benRegID\":\"Long\", \"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
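Review bot: The expression `hasRole('NURSE') || hasRole('DOCTOR') ` added to getBenVisitDetailsFrmNurseANC is repeated verbatim on most handlers in this controller and in the cancer-screening and worklist controllers, so a later change to the role list becomes a many-file edit with room for one handler to be missed. `@PreAuthorize("hasAnyRole('NURSE','DOCTOR')")` states the same rule more compactly. A shared `static final String` constant or a composed annotation would keep the role list in one place.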
@@ -209,6 +215,7 @@ public String getBenANCHistoryDetails( @Operation(summary = "Get ANC beneficiary vitals from nurse") @PostMapping(value = { "/getBenANCVitalDetailsFrmNurseANC" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenANCVitalDetailsFrmNurseANC( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -235,6 +242,7 @@ public String getBenANCVitalDetailsFrmNurseANC( @Operation(summary = "Get ANC beneficiary examination details from nurse") @PostMapping(value = { "/getBenExaminationDetailsANC" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenExaminationDetailsANC( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -260,6 +268,7 @@ public String getBenExaminationDetailsANC( @Operation(summary = "Get ANC beneficiary case record") @PostMapping(value = { "/getBenCaseRecordFromDoctorANC" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") @Transactional(rollbackFor = Exception.class) public String getBenCaseRecordFromDoctorANC( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { @@ -288,6 +297,7 @@ public String getBenCaseRecordFromDoctorANC( @Operation(summary = "Check high risk pregnancy status for ANC beneficiary") @PostMapping(value = { "/getHRPStatus" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getHRPStatus( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -316,6 +326,7 @@ public String getHRPStatus( @Operation(summary = "Update ANC beneficiary data") @PostMapping(value = { "/update/ANCScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateANCCareNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -344,6 +355,7 @@ public String updateANCCareNurse(@RequestBody String requestObj) { @Operation(summary = "Update ANC beneficiary history") @PostMapping(value = { "/update/historyScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateANCHistoryNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -372,6 +384,7 @@ public String updateANCHistoryNurse(@RequestBody String requestObj) { @Operation(summary = "Update ANC beneficiary vitals") @PostMapping(value = { "/update/vitalScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateANCVitalNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -400,6 +413,7 @@ public String updateANCVitalNurse(@RequestBody String requestObj) { @Operation(summary = "Update ANC examination data") @PostMapping(value = { "/update/examinationScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateANCExaminationNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -428,6 +442,7 @@ public String updateANCExaminationNurse(@RequestBody String requestObj) { @Operation(summary = "Update ANC doctor data") @PostMapping(value = { "/update/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String updateANCDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { diff --git a/src/main/java/com/iemr/tm/controller/cancerscreening/CancerScreeningController.java b/src/main/java/com/iemr/tm/controller/cancerscreening/CancerScreeningController.java index 09e217f4..b74f7427 100644 
--- a/src/main/java/com/iemr/tm/controller/cancerscreening/CancerScreeningController.java +++ b/src/main/java/com/iemr/tm/controller/cancerscreening/CancerScreeningController.java @@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.PostMapping; @@ -70,6 +71,7 @@ public void setCancerScreeningServiceImpl(CSServiceImpl cSServiceImpl) { */ @Operation(summary = "Save cancer screening data collected by nurse") @PostMapping(value = { "/save/nurseData" }) + @PreAuthorize("hasRole('NURSE') ") public String saveBenCancerScreeningNurseData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) throws Exception { OutputResponse response = new OutputResponse(); @@ -106,6 +108,7 @@ public String saveBenCancerScreeningNurseData(@RequestBody String requestObj, */ @Operation(summary = "Update cancer screening data by the doctor") @PostMapping(value = { "/save/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String saveBenCancerScreeningDoctorData(@RequestBody String requestObj, @RequestHeader String Authorization) { OutputResponse response = new OutputResponse(); @@ -137,6 +140,7 @@ public String saveBenCancerScreeningDoctorData(@RequestBody String requestObj, @Operation(summary = "Get beneficiary visit details") @PostMapping(value = { "/getBenDataFrmNurseToDocVisitDetailsScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenDataFrmNurseScrnToDocScrnVisitDetails( @Param(value = "{\"benRegID\":\"Long\", \"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -166,6 +170,7 @@ public String getBenDataFrmNurseScrnToDocScrnVisitDetails( */ @Operation(summary = "Get beneficiary cancer history") @PostMapping(value = { "/getBenDataFrmNurseToDocHistoryScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenDataFrmNurseScrnToDocScrnHistory( @Param(value = "{\"benRegID\":\"Long\", \"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -195,6 +200,7 @@ public String getBenDataFrmNurseScrnToDocScrnHistory( */ @Operation(summary = "Get beneficiary vitals") @PostMapping(value = { "/getBenDataFrmNurseToDocVitalScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenDataFrmNurseScrnToDocScrnVital( @Param(value = "{\"benRegID\":\"Long\", \"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -224,6 +230,7 @@ public String getBenDataFrmNurseScrnToDocScrnVital( */ @Operation(summary = "Get beneficiary examination details") @PostMapping(value = { "/getBenDataFrmNurseToDocExaminationScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenDataFrmNurseScrnToDocScrnExamination( @Param(value = "{\"benRegID\":\"Long\", \"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -253,6 +260,7 @@ public String getBenDataFrmNurseScrnToDocScrnExamination( */ @Operation(summary = "Get beneficiary family history") @PostMapping(value = { "/getBenCancerFamilyHistory" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCancerFamilyHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -284,6 +292,7 @@ public String getBenCancerFamilyHistory( */ @Operation(summary = "Get beneficiary personal history") @PostMapping(value = { "/getBenCancerPersonalHistory" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCancerPersonalHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -315,6 +324,7 @@ public String getBenCancerPersonalHistory( */ @Operation(summary = "Get beneficiary personal diet history") @PostMapping(value = { "/getBenCancerPersonalDietHistory" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCancerPersonalDietHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -346,6 +356,7 @@ public String getBenCancerPersonalDietHistory( */ @Operation(summary = "Get beneficiary obstetric history") @PostMapping(value = { "/getBenCancerObstetricHistory" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCancerObstetricHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -376,6 +387,7 @@ public String getBenCancerObstetricHistory( */ @Operation(summary = "Get beneficiary case record and referral details") @PostMapping(value = { "/getBenCaseRecordFromDoctorCS" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") @Transactional(rollbackFor = Exception.class) public String getBenCaseRecordFromDoctorCS( @Param(value = "{\"benRegID\":\"Long\", \"visitCode\":\"Long\"}") @RequestBody String comingRequest) { 
@@ -402,6 +414,7 @@ public String getBenCaseRecordFromDoctorCS( @Operation(summary = "Update cancer screening history") @PostMapping(value = { "/update/historyScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateCSHistoryNurse( @Param(value = "{\"historyDetails\": {\"familyHistory\":{\"diseases\": [{\"beneficiaryRegID\":\"Long\", \"benVisitID\":\"Long\", " + "\"providerServiceMapID\":\"Integer\", \"cancerDiseaseType\":\"String\", \"otherDiseaseType\":\"String\", \"familyMemberList\":\"List\", " @@ -453,6 +466,7 @@ public String updateCSHistoryNurse( */ @Operation(summary = "Update beneficiary vitals") @PostMapping(value = { "/update/vitalScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String upodateBenVitalDetail( @Param(value = "{\"ID\": \"Long\", \"beneficiaryRegID\":\"Long\",\"benVisitID\":\"Long\"," + "\"weight_Kg\":\"Double\", \"height_cm\":\"Double\", \"waistCircumference_cm\":\"Double\", \"bloodGlucose_Fasting\":\"Short\"," @@ -491,6 +505,7 @@ public String upodateBenVitalDetail( */ @Operation(summary = "Update beneficiary examination details") @PostMapping(value = { "/update/examinationScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String upodateBenExaminationDetail(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -526,6 +541,7 @@ public String upodateBenExaminationDetail(@RequestBody String requestObj) { */ @Operation(summary = "Update cancer diagnosis details by oncologist") @PostMapping(value = { "/update/examinationScreen/diagnosis" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('ONCOLOGIST') ") public String updateCancerDiagnosisDetailsByOncologist( @Param(value = "{\"beneficiaryRegID\":\"Long\", \"benVisitID\":\"Long\", \"visitCode\":\"Long\", " + "\"provisionalDiagnosisOncologist\":\"String\", \"modifiedBy\":\"string\"}") @RequestBody String requestObj) { 
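Review bot: The `/update/examinationScreen/diagnosis` handler is summarised as "Update cancer diagnosis details by oncologist", yet the added expression also admits NURSE and DOCTOR, so the role check does not narrow who may write `provisionalDiagnosisOncologist`. If only oncologists are meant to record this field, the annotation should be `@PreAuthorize("hasRole('ONCOLOGIST')")`. If the wider set is intended, a comment above the handler such as `// nurses and doctors may also submit the oncologist diagnosis because <reason>` would document the decision. The method body continues outside the hunk.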
@@ -560,6 +576,7 @@ public String updateCancerDiagnosisDetailsByOncologist( */ @Operation(summary = "Update cancer screening data") @PostMapping(value = { "/update/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String updateCancerScreeningDoctorData(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); diff --git a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java index 308ecf81..a5bf46a4 100644 --- a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java +++ b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java @@ -27,6 +27,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -81,6 +82,7 @@ public void setCommonNurseServiceImpl(CommonNurseServiceImpl commonNurseServiceI // doc worklist new @Operation(summary = "Get doctor worklist") @GetMapping(value = { "/getDocWorklistNew/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('DOCTOR') ") public String getDocWorkListNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("serviceID") Integer serviceID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); 
@@ -105,6 +107,7 @@ public String getDocWorkListNew(@PathVariable("providerServiceMapID") Integer pr // doc worklist new (TM future scheduled beneficiary) @Operation(summary = "Get doctor future worklist scheduled for telemedicine") @GetMapping(value = { "/getDocWorkListNewFutureScheduledForTM/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('TC_SPECIALIST') || hasRole('TCSPECIALIST') ") public String getDocWorkListNewFutureScheduledForTM( @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("serviceID") Integer serviceID, @PathVariable("vanID") Integer vanID) { @@ -131,6 +134,7 @@ public String getDocWorkListNewFutureScheduledForTM( // nurse worklist new @Operation(summary = "Get nurse worklist") @GetMapping(value = { "/getNurseWorklistNew/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('NURSE') ") public String getNurseWorkListNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); @@ -150,6 +154,7 @@ public String getNurseWorkListNew(@PathVariable("providerServiceMapID") Integer // nurse worklist TC schedule (current-date) new @Operation(summary = "Get worklist for teleconsultation for the current date") @GetMapping(value = { "/getNurseWorkListTcCurrentDate/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('NURSE') || hasRole('TC_SPECIALIST') || hasRole('TCSPECIALIST') ") public String getNurseWorkListTcCurrentDateNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); 
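Review bot: `hasRole('TC_SPECIALIST') || hasRole('TCSPECIALIST')` on getDocWorkListNewFutureScheduledForTM accepts two spellings of what looks like one role, and the lab worklist further down does the same with `LAB_TECHNICIAN` and `LABTECHNICIAN`. That suggests the role string reaching the security context is not normalised. It would be safer to normalise it once where the authorities are built (presumably RoleAuthenticationFilter, which is not visible here) and check a single name, `@PreAuthorize("hasAnyRole('DOCTOR','TC_SPECIALIST')")`, so that a third variant is never silently rejected or an unintended one accepted.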
@@ -170,6 +175,7 @@ public String getNurseWorkListTcCurrentDateNew(@PathVariable("providerServiceMap // nurse worklist TC schedule (future-date) new @Operation(summary = "Get worklist for teleconsultation for the future date") @GetMapping(value = { "/getNurseWorkListTcFutureDate/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('NURSE') || hasRole('TC_SPECIALIST') || hasRole('TCSPECIALIST') ") public String getNurseWorkListTcFutureDateNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); @@ -189,6 +195,7 @@ public String getNurseWorkListTcFutureDateNew(@PathVariable("providerServiceMapI @Operation(summary = "Get previous significant findings") @PostMapping(value = { "/getDoctorPreviousSignificantFindings" }) + @PreAuthorize("hasRole('DOCTOR') ") public String getDoctorPreviousSignificantFindings( @Param(value = "{\"beneficiaryRegID\": \"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -215,6 +222,7 @@ public String getDoctorPreviousSignificantFindings( // Get Lab technician worklist new @Operation(summary = "Get lab technician worklist") @GetMapping(value = { "/getLabWorklistNew/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('LAB_TECHNICIAN') || hasRole('LABTECHNICIAN') ") public String getLabWorkListNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); 
@@ -235,6 +243,7 @@ public String getLabWorkListNew(@PathVariable("providerServiceMapID") Integer pr // Get radiologist worklist new @Operation(summary = "Get radiologist worklist") @GetMapping(value = { "/getRadiologist-worklist-New/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('RADIOLOGIST') ") public String getRadiologistWorklistNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); @@ -255,6 +264,7 @@ public String getRadiologistWorklistNew(@PathVariable("providerServiceMapID") In // Get oncologist worklist new @Operation(summary = "Get oncologist worklist") @GetMapping(value = { "/getOncologist-worklist-New/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('ONCOLOGIST') ") public String getOncologistWorklistNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); @@ -274,6 +284,7 @@ public String getOncologistWorklistNew(@PathVariable("providerServiceMapID") Int // Get pharma worklist new @Operation(summary = "Get pharmacist worklist") @GetMapping(value = { "/getPharma-worklist-New/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('PHARMACIST') ") public String getPharmaWorklistNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); 
@@ -293,7 +304,8 @@ public String getPharmaWorklistNew(@PathVariable("providerServiceMapID") Integer @Operation(summary = "Print case sheet of beneficiary") @PostMapping(value = { "/get/Case-sheet/printData" }) - public String getCasesheetPrintData(@RequestBody String comingReq, + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") + public String getCasesheetPrintData(@RequestBody String comingReq, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); try { @@ -313,6 +325,7 @@ public String getCasesheetPrintData(@RequestBody String comingReq, // Start of Fetch Previous Medical History... @Operation(summary = "Get beneficiary history") @PostMapping(value = { "/getBenPastHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenPastHistory(@Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -337,6 +350,7 @@ public String getBenPastHistory(@Param(value = "{\"benRegID\":\"Long\"}") @Reque @Operation(summary = "Get beneficiary tobacco consumption history") @PostMapping(value = { "/getBenTobaccoHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenTobaccoHistory(@Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -361,6 +375,7 @@ public String getBenTobaccoHistory(@Param(value = "{\"benRegID\":\"Long\"}") @Re @Operation(summary = "Get beneficiary alcohol consumption history") @PostMapping(value = { "/getBenAlcoholHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenAlcoholHistory(@Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
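Review bot: The role check added to getBenPastHistory is a function-level control only: `benRegID` still comes from the request body and nothing in the hunk ties it to the caller's provider or van, so any DOCTOR or NURSE token can request any beneficiary's history unless the service layer scopes the lookup, which is not visible here. The same holds for the other `getBen…History` handlers annotated in this file. Consider verifying in the service that the beneficiary belongs to a flow the authenticated user may see, and record where that happens with a comment above the handler, e.g. `// object-level access to benRegID is enforced in <service method>`.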
@@ -385,6 +400,7 @@ public String getBenAlcoholHistory(@Param(value = "{\"benRegID\":\"Long\"}") @Re @Operation(summary = "Get beneficiary allergy history") @PostMapping(value = { "/getBenAllergyHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenANCAllergyHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -410,6 +426,7 @@ public String getBenANCAllergyHistory( @Operation(summary = "Get beneficiary medication history") @PostMapping(value = { "/getBenMedicationHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenMedicationHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -435,6 +452,7 @@ public String getBenMedicationHistory( @Operation(summary = "Get beneficiary family history") @PostMapping(value = { "/getBenFamilyHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenFamilyHistory(@Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -459,6 +477,7 @@ public String getBenFamilyHistory(@Param(value = "{\"benRegID\":\"Long\"}") @Req @Operation(summary = "Get beneficiary menstrual history") @PostMapping(value = { "/getBenMenstrualHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenMenstrualHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -484,6 +503,7 @@ public String getBenMenstrualHistory( @Operation(summary = "Get beneficiary obstetric history") @PostMapping(value = { "/getBenPastObstetricHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenPastObstetricHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -509,6 +529,7 @@ public String getBenPastObstetricHistory( @Operation(summary = "Get beneficiary comorbidity condition details") @PostMapping(value = { "/getBenComorbidityConditionHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenANCComorbidityConditionHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -534,6 +555,7 @@ public String getBenANCComorbidityConditionHistory( @Operation(summary = "Get beneficiary optional vaccine details") @PostMapping(value = { "/getBenOptionalVaccineHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenOptionalVaccineHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -559,6 +581,7 @@ public String getBenOptionalVaccineHistory( @Operation(summary = "Get child beneficiary vaccine details") @PostMapping(value = { "/getBenChildVaccineHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenImmunizationHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -584,6 +607,7 @@ public String getBenImmunizationHistory( @Operation(summary = "Get beneficiary perinatal history") @PostMapping(value = { "/getBenPerinatalHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenPerinatalHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -609,6 +633,7 @@ public String getBenPerinatalHistory( @Operation(summary = "Get child beneficiary feeding history") @PostMapping(value = { "/getBenFeedingHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenFeedingHistory(@Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -633,6 +658,7 @@ public String getBenFeedingHistory(@Param(value = "{\"benRegID\":\"Long\"}") @Re @Operation(summary = "Get child beneficiary development history") @PostMapping(value = { "/getBenDevelopmentHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBenDevelopmentHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -664,6 +690,7 @@ public String getBenDevelopmentHistory( */ @Operation(summary = "Get beneficiary casesheet history") @PostMapping(value = { "/getBeneficiaryCaseSheetHistory" }) + @PreAuthorize("hasRole('DOCTOR') || hasRole('NURSE') ") public String getBeneficiaryCaseSheetHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -775,6 +802,7 @@ public String getTCSpecialistWorklistFutureScheduled( // openkm file download @Operation(summary = "Add file as string to openKM") @PostMapping(value = "/getKMFile", produces = MediaType.APPLICATION_JSON, consumes = MediaType.APPLICATION_JSON, headers = "Authorization") + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getKMFile(@Param(value = "{}") @RequestBody String request, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -793,6 +821,7 @@ public String getKMFile(@Param(value = "{}") @RequestBody String request, @Operation(summary = "Get beneficiary physical history") @PostMapping(value = { "/getBenPhysicalHistory" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenPhysicalHistory( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -818,6 +847,7 @@ public String getBenPhysicalHistory( @Operation(summary = "Get beneficiary symptomatic questionnaire answer details") @PostMapping(value = { "/getBenSymptomaticQuestionnaireDetails" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenSymptomaticQuestionnaireDetails( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -843,6 +873,7 @@ public String getBenSymptomaticQuestionnaireDetails( @Operation(summary = "Get beneficiary previous diabetes history") @PostMapping(value = { "/getBenPreviousDiabetesHistoryDetails" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenPreviousDiabetesHistoryDetails( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -869,6 +900,7 @@ public String getBenPreviousDiabetesHistoryDetails( // nurse worklist coming from MMU application @Operation(summary = "Get mmu nurse worklist") @GetMapping(value = { "/getMmuNurseWorklistNew/{providerServiceMapID}/{serviceID}/{vanID}" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getMmuNurseWorklistNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("vanID") Integer vanID) { OutputResponse response = new OutputResponse(); @@ -887,6 +919,7 @@ public String getMmuNurseWorklistNew(@PathVariable("providerServiceMapID") Integ @Operation(summary = "Get beneficiary previous referral history") @PostMapping(value = { "/getBenPreviousReferralHistoryDetails" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenPreviousReferralHistoryDetails( @Param(value = "{\"benRegID\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -916,6 +949,7 @@ public String getBenPreviousReferralHistoryDetails( */ @Operation(summary = "Get provider specific data") @PostMapping(value = { "/getProviderSpecificData" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getProviderSpecificData( @Param(value = "{\"benvisitID\":\"Long\",\"benvisitCode\":\"Long\",\"fetchMMUDataFor\":\"String\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -937,6 +971,7 @@ public String getProviderSpecificData( */ @Operation(summary = "Calculate beneficiary BMI status") @PostMapping(value = { "/calculateBMIStatus" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String calculateBMIStatus( @Param(value = "{\"bmi\":\"double\",\"yearMonth\":\"String\",\"gender\":\"String\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -954,6 +989,7 @@ public String calculateBMIStatus( @Operation(summary = "Update beneficiary status flag") @PostMapping(value = { "/update/benDetailsAndSubmitToNurse" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String saveBeneficiaryVisitDetail( @Param(value = "{\"beneficiaryRegID\": \"Long\"}") @RequestBody String comingRequest) { @@ -988,6 +1024,7 @@ public String saveBeneficiaryVisitDetail( @Operation(summary = "Extend redis session for 30 mins") @PostMapping(value = { "/extend/redisSession" }) + @PreAuthorize("hasRole('NURSE') || hasRole('PHARMACIST') || hasRole('LABTECHNICIAN') || hasRole('REGISTRAR') || hasRole('DATASYNC') || hasRole('DATA_SYNC') || hasRole('DOCTOR') || hasRole('LAB_TECHNICIAN') || hasRole('TC_SPECIALIST') || hasRole('ONCOLOGIST') || hasRole('RADIOLOGIST')") public String extendRedisSession() { OutputResponse response = new OutputResponse(); try { @@ -1001,6 +1038,7 @@ public String extendRedisSession() { @Operation(summary = "Soft delete prescribed medicine") @PostMapping(value = { "/doctor/delete/prescribedMedicine" }) + @PreAuthorize("hasRole('DOCTOR') ") public String deletePrescribedMedicine(@RequestBody String requestOBJ) { OutputResponse response = new OutputResponse(); try { diff --git a/src/main/java/com/iemr/tm/controller/common/master/CommonMasterController.java b/src/main/java/com/iemr/tm/controller/common/master/CommonMasterController.java index 009ed41b..61015517 100644 --- a/src/main/java/com/iemr/tm/controller/common/master/CommonMasterController.java +++ b/src/main/java/com/iemr/tm/controller/common/master/CommonMasterController.java @@ -26,6 +26,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; 
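Review bot: The role list on extendRedisSession accepts `TC_SPECIALIST` but not `TCSPECIALIST`, while the otherwise identical list added on LocationController accepts both; the class-level list on IemrMmuLoginController omits it as well. The lists already allow two spellings for `DATASYNC`/`DATA_SYNC` and `LABTECHNICIAN`/`LAB_TECHNICIAN`, so if authorities can carry the unseparated spelling, those users would be allowed on `/location` but denied session extension and the `/user` endpoints. Normalising role names where authorities are built, or holding the list in one shared constant, would remove this class of mismatch. If the intent is simply "any logged-in user", `@PreAuthorize("isAuthenticated()")` states that directly.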
@@ -41,6 +42,7 @@ @RestController @RequestMapping(value = "/master", headers = "Authorization", consumes = "application/json", produces = "application/json") /** Objective: provides master data based on given visitCategory */ +@PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public class CommonMasterController { private Logger logger = LoggerFactory.getLogger(CommonMasterController.class); diff --git a/src/main/java/com/iemr/tm/controller/covid19/CovidController.java b/src/main/java/com/iemr/tm/controller/covid19/CovidController.java index 93d10011..e65558c6 100644 --- a/src/main/java/com/iemr/tm/controller/covid19/CovidController.java +++ b/src/main/java/com/iemr/tm/controller/covid19/CovidController.java @@ -28,6 +28,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.PostMapping; @@ -61,6 +62,7 @@ public class CovidController { @Operation(summary = "Save COVID nurse data") @PostMapping(value = { "/save/nurseData" }) + @PreAuthorize("hasRole('NURSE') ") public String saveBenNCDCareNurseData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) throws Exception { OutputResponse response = new OutputResponse(); @@ -97,6 +99,7 @@ public String saveBenNCDCareNurseData(@RequestBody String requestObj, */ @Operation(summary = "Save COVID doctor data") @PostMapping(value = { "/save/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String saveBenCovidDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); 
@@ -129,6 +132,7 @@ public String saveBenCovidDoctorData(@RequestBody String requestObj, @Operation(summary = "Get COVID beneficiary visit details") @PostMapping(value = { "/getBenVisitDetailsFrmNurseCovid" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVisitDetailsFrmNurseCovid19( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -160,6 +164,7 @@ public String getBenVisitDetailsFrmNurseCovid19( */ @Operation(summary = "Get COVID beneficiary history") @PostMapping(value = { "/getBenCovid19HistoryDetails" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCovid19HistoryDetails( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -190,6 +195,7 @@ public String getBenCovid19HistoryDetails( */ @Operation(summary = "Get COVID beneficiary vitals") @PostMapping(value = { "/getBenVitalDetailsFrmNurseCovid" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVitalDetailsFrmNurseNCDCare( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -222,6 +228,7 @@ public String getBenVitalDetailsFrmNurseNCDCare( @Operation(summary = "Get COVID beneficiary case-record and referral details") @PostMapping(value = { "/getBenCaseRecordFromDoctorCovid" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCaseRecordFromDoctorCovid19( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -248,6 +255,7 @@ public String getBenCaseRecordFromDoctorCovid19( @Operation(summary = "Update COVID beneficiary history") @PostMapping(value = { "/update/historyScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateHistoryNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -285,6 +293,7 @@ public String updateHistoryNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update COVID beneficiary vitals") @PostMapping(value = { "/update/vitalScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateVitalNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -319,6 +328,7 @@ public String updateVitalNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update COVID beneficiary case-record and referral details") @PostMapping(value = { "/update/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String updateCovid19DoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { diff --git a/src/main/java/com/iemr/tm/controller/dataSyncActivity/StartSyncActivity.java b/src/main/java/com/iemr/tm/controller/dataSyncActivity/StartSyncActivity.java index 7d23c218..44ccc183 100644 --- a/src/main/java/com/iemr/tm/controller/dataSyncActivity/StartSyncActivity.java +++ b/src/main/java/com/iemr/tm/controller/dataSyncActivity/StartSyncActivity.java @@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; 
@@ -38,6 +39,7 @@ import com.iemr.tm.service.dataSyncActivity.DownloadDataFromServerImpl; import com.iemr.tm.service.dataSyncActivity.UploadDataToServerImpl; import com.iemr.tm.utils.response.OutputResponse; + import io.swagger.v3.oas.annotations.Operation; /*** @@ -45,6 +47,7 @@ */ @RestController @RequestMapping(value = "/dataSyncActivity", headers = "Authorization", consumes = "application/json", produces = "application/json") +@PreAuthorize("hasRole('DATASYNC') || hasRole('DATA_SYNC') ") public class StartSyncActivity { private Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName()); diff --git a/src/main/java/com/iemr/tm/controller/dataSyncLayerCentral/MMUDataSyncVanToServer.java b/src/main/java/com/iemr/tm/controller/dataSyncLayerCentral/MMUDataSyncVanToServer.java index 3f32247a..0b58f698 100644 --- a/src/main/java/com/iemr/tm/controller/dataSyncLayerCentral/MMUDataSyncVanToServer.java +++ b/src/main/java/com/iemr/tm/controller/dataSyncLayerCentral/MMUDataSyncVanToServer.java @@ -24,6 +24,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -48,6 +49,7 @@ */ @RestController @RequestMapping(value = "/dataSync", headers = "Authorization", consumes = "application/json", produces = "application/json") +@PreAuthorize("hasRole('DATASYNC') || hasRole('DATA_SYNC') ") public class MMUDataSyncVanToServer { private Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName()); diff --git a/src/main/java/com/iemr/tm/controller/foetalmonitor/FoetalMonitorController.java b/src/main/java/com/iemr/tm/controller/foetalmonitor/FoetalMonitorController.java index e902ed02..2235b87c 100644 --- a/src/main/java/com/iemr/tm/controller/foetalmonitor/FoetalMonitorController.java 
+++ b/src/main/java/com/iemr/tm/controller/foetalmonitor/FoetalMonitorController.java @@ -28,6 +28,7 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; diff --git a/src/main/java/com/iemr/tm/controller/generalOPD/GeneralOPDController.java b/src/main/java/com/iemr/tm/controller/generalOPD/GeneralOPDController.java index 154e3323..5ecc595c 100644 --- a/src/main/java/com/iemr/tm/controller/generalOPD/GeneralOPDController.java +++ b/src/main/java/com/iemr/tm/controller/generalOPD/GeneralOPDController.java @@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.PostMapping; @@ -70,6 +71,7 @@ public class GeneralOPDController { */ @Operation(summary = "Save general OPD data collected by nurse") @PostMapping(value = { "/save/nurseData" }) + @PreAuthorize("hasRole('NURSE')") public String saveBenGenOPDNurseData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) throws Exception { OutputResponse response = new OutputResponse(); @@ -106,6 +108,7 @@ public String saveBenGenOPDNurseData(@RequestBody String requestObj, */ @Operation(summary = "Save general OPD data collected by doctor") @PostMapping(value = { "/save/doctorData" }) + @PreAuthorize("hasRole('DOCTOR')") public String saveBenGenOPDDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); 
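Review bot: The `PreAuthorize` import added to FoetalMonitorController is not used by anything in this file section, which consists of this single import hunk. Neither the class nor any handler receives an annotation, so the controller's endpoints remain without a role check while the sibling controllers in this commit get one. Either add the intended class-level or per-method `@PreAuthorize` with the roles that are meant to use these endpoints, or drop the import until that change is made.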
@@ -137,6 +140,7 @@ public String saveBenGenOPDDoctorData(@RequestBody String requestObj, @Operation(summary = "Get general OPD beneficiary visit details") @PostMapping(value = { "/getBenVisitDetailsFrmNurseGOPD" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") @Transactional(rollbackFor = Exception.class) public String getBenVisitDetailsFrmNurseGOPD( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { @@ -169,7 +173,7 @@ public String getBenVisitDetailsFrmNurseGOPD( */ @Operation(summary = "Get general OPD beneficiary history") @PostMapping(value = { "/getBenHistoryDetails" }) - + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenHistoryDetails( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -200,6 +204,7 @@ public String getBenHistoryDetails( */ @Operation(summary = "Get general OPD beneficiary vitals") @PostMapping(value = { "/getBenVitalDetailsFrmNurse" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVitalDetailsFrmNurse( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -231,7 +236,7 @@ public String getBenVitalDetailsFrmNurse( */ @Operation(summary = "Get general OPD beneficiary examination details") @PostMapping(value = { "/getBenExaminationDetails" }) - + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenExaminationDetails( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -263,6 +268,7 @@ public String getBenExaminationDetails( @Operation(summary = "Get general OPD beneficiary case record and referral") @PostMapping(value = { "/getBenCaseRecordFromDoctorGeneralOPD" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCaseRecordFromDoctorGeneralOPD( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -289,6 +295,7 @@ public String getBenCaseRecordFromDoctorGeneralOPD( @Operation(summary = "Update beneficiary's general OPD visit details") @PostMapping(value = { "/update/visitDetailsScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateVisitNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -323,6 +330,7 @@ public String updateVisitNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update beneficiary history") @PostMapping(value = { "/update/historyScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateHistoryNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -357,6 +365,7 @@ public String updateHistoryNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update general OPD beneficiary vitals") @PostMapping(value = { "/update/vitalScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateVitalNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); 
@@ -391,6 +400,7 @@ public String updateVitalNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update general OPD beneficiary examination data") @PostMapping(value = { "/update/examinationScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateGeneralOPDExaminationNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -424,6 +434,7 @@ public String updateGeneralOPDExaminationNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update general OPD beneficiary case record and referral") @PostMapping(value = { "/update/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String updateGeneralOPDDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { diff --git a/src/main/java/com/iemr/tm/controller/labtechnician/LabtechnicianController.java b/src/main/java/com/iemr/tm/controller/labtechnician/LabtechnicianController.java index f3e8fd9a..d1fa06e9 100644 --- a/src/main/java/com/iemr/tm/controller/labtechnician/LabtechnicianController.java +++ b/src/main/java/com/iemr/tm/controller/labtechnician/LabtechnicianController.java @@ -24,6 +24,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -46,6 +47,7 @@ @RestController @RequestMapping(value = "/labTechnician", headers = "Authorization", consumes = "application/json", produces = "application/json") +@PreAuthorize("hasRole('LAB_TECHNICIAN') || hasRole('LABTECHNICIAN') ") public class LabtechnicianController { private Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName()); 
diff --git a/src/main/java/com/iemr/tm/controller/location/LocationController.java b/src/main/java/com/iemr/tm/controller/location/LocationController.java index 737ab8a4..f60ffd4e 100644 --- a/src/main/java/com/iemr/tm/controller/location/LocationController.java +++ b/src/main/java/com/iemr/tm/controller/location/LocationController.java @@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -41,6 +42,7 @@ @RestController @RequestMapping(value = "/location", headers = "Authorization", produces = { "application/json" }) +@PreAuthorize("hasRole('NURSE') || hasRole('PHARMACIST') || hasRole('LABTECHNICIAN') || hasRole('REGISTRAR') || hasRole('DATASYNC') || hasRole('DATA_SYNC') || hasRole('DOCTOR') || hasRole('LAB_TECHNICIAN') || hasRole('TC_SPECIALIST') || hasRole('TCSPECIALIST') || hasRole('ONCOLOGIST') || hasRole('RADIOLOGIST')") public class LocationController { private OutputResponse response; private Logger logger = LoggerFactory.getLogger(CommonMasterController.class); diff --git a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java index de8c36f5..0f11a27a 100644 --- a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java +++ b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java @@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; 
@@ -45,6 +46,7 @@ @RestController @RequestMapping(value = "/user", headers = "Authorization", consumes = "application/json", produces = "application/json") +@PreAuthorize("hasRole('NURSE') || hasRole('PHARMACIST') || hasRole('LABTECHNICIAN') || hasRole('REGISTRAR') || hasRole('DATASYNC') || hasRole('DATA_SYNC') || hasRole('DOCTOR') || hasRole('LAB_TECHNICIAN') || hasRole('TC_SPECIALIST') || hasRole('ONCOLOGIST') || hasRole('RADIOLOGIST')") public class IemrMmuLoginController { private Logger logger = LoggerFactory.getLogger(RegistrarController.class); diff --git a/src/main/java/com/iemr/tm/controller/ncdCare/NCDCareController.java b/src/main/java/com/iemr/tm/controller/ncdCare/NCDCareController.java index b3c050bb..59d6a440 100644 --- a/src/main/java/com/iemr/tm/controller/ncdCare/NCDCareController.java +++ b/src/main/java/com/iemr/tm/controller/ncdCare/NCDCareController.java @@ -28,6 +28,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.PostMapping; @@ -69,6 +70,7 @@ public void setNcdCareServiceImpl(NCDCareServiceImpl ncdCareServiceImpl) { */ @Operation(summary = "Save NCD care data collected by nurse") @PostMapping(value = { "/save/nurseData" }) + @PreAuthorize("hasRole('NURSE') ") public String saveBenNCDCareNurseData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) throws Exception { OutputResponse response = new OutputResponse(); 
@@ -105,6 +107,7 @@ public String saveBenNCDCareNurseData(@RequestBody String requestObj, */ @Operation(summary = "Save NCD care beneficiary case record and referral") @PostMapping(value = { "/save/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String saveBenNCDCareDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -137,6 +140,7 @@ public String saveBenNCDCareDoctorData(@RequestBody String requestObj, @Operation(summary = "Get NCD care beneficiary visit details") @PostMapping(value = { "/getBenVisitDetailsFrmNurseNCDCare" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVisitDetailsFrmNurseNCDCare( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -168,7 +172,7 @@ public String getBenVisitDetailsFrmNurseNCDCare( */ @Operation(summary = "Get NCD care beneficiary history") @PostMapping(value = { "/getBenNCDCareHistoryDetails" }) - + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenNCDCareHistoryDetails( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -199,6 +203,7 @@ public String getBenNCDCareHistoryDetails( */ @Operation(summary = "Get NCD care beneficiary vitals") @PostMapping(value = { "/getBenVitalDetailsFrmNurseNCDCare" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVitalDetailsFrmNurseNCDCare( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -231,6 +236,7 @@ public String getBenVitalDetailsFrmNurseNCDCare( @Operation(summary = "Get NCD care beneficiary case record and referral") @PostMapping(value = { "/getBenCaseRecordFromDoctorNCDCare" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCaseRecordFromDoctorNCDCare( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -257,6 +263,7 @@ public String getBenCaseRecordFromDoctorNCDCare( @Operation(summary = "Update NCD care beneficiary history") @PostMapping(value = { "/update/historyScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateHistoryNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -294,6 +301,7 @@ public String updateHistoryNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update NCD care beneficiary vitals") @PostMapping(value = { "/update/vitalScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateVitalNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -328,6 +336,7 @@ public String updateVitalNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update NCD care beneficiary case record and referral") @PostMapping(value = { "/update/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String updateNCDCareDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { diff --git a/src/main/java/com/iemr/tm/controller/ncdscreening/NCDScreeningController.java b/src/main/java/com/iemr/tm/controller/ncdscreening/NCDScreeningController.java index 4233327c..46d2a5d3 100644 --- a/src/main/java/com/iemr/tm/controller/ncdscreening/NCDScreeningController.java +++ b/src/main/java/com/iemr/tm/controller/ncdscreening/NCDScreeningController.java 
@@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.GetMapping; @@ -75,6 +76,7 @@ public void setNcdScreeningServiceImpl(NCDScreeningServiceImpl ncdScreeningServi @Operation(summary = "Save NCD screening beneficiary data collected by nurse") @PostMapping(value = { "/save/nurseData" }) + @PreAuthorize("hasRole('NURSE')") public String saveBeneficiaryNCDScreeningDetails(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) throws Exception { @@ -106,6 +108,7 @@ public String saveBeneficiaryNCDScreeningDetails(@RequestBody String requestObj, @Operation(summary = "Save NCD screening beneficiary data collected by doctor") @PostMapping(value = { "/save/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String saveBenNCDScreeningDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -137,6 +140,7 @@ public String saveBenNCDScreeningDoctorData(@RequestBody String requestObj, @Operation(summary = "Get NCD screening beneficiary visit details") @PostMapping(value = { "/get/nurseData" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getNCDScreenigDetails( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { 
@@ -162,6 +166,7 @@ public String getNCDScreenigDetails( @Operation(summary = "Get NCD screening visit count for beneficiary register id") @GetMapping(value = { "/getNcdScreeningVisitCount/{beneficiaryRegID}" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getNcdScreeningVisitCount(@PathVariable("beneficiaryRegID") Long beneficiaryRegID) { OutputResponse response = new OutputResponse(); try { @@ -190,6 +195,7 @@ public String getNcdScreeningVisitCount(@PathVariable("beneficiaryRegID") Long b @Operation(summary = "Get NCD screening beneficiary case record and referral") @PostMapping(value = { "/getBenCaseRecordFromDoctorNCDScreening" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCaseRecordFromDoctorNCDCare( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -217,6 +223,7 @@ public String getBenCaseRecordFromDoctorNCDCare( @Operation(summary = "Get NCD screening beneficiary visit details") @PostMapping(value = { "/getBenVisitDetailsFrmNurseNCDScreening" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVisitDetailsFrmNurseGOPD( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -243,7 +250,7 @@ public String getBenVisitDetailsFrmNurseGOPD( @Operation(summary = "Get NCD screening beneficiary general OPD history") @PostMapping(value = { "/getBenHistoryDetails" }) - + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenHistoryDetails( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -269,6 +276,7 @@ public String getBenHistoryDetails( @Operation(summary = "Get NCD screening beneficiary vitals from general OPD nurse") @PostMapping(value = { "/getBenVitalDetailsFrmNurse" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVitalDetailsFrmNurse( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -295,6 +303,7 @@ public String getBenVitalDetailsFrmNurse( @Operation(summary = "Get NCD screening IDRS details from general OPD nurse") @PostMapping(value = { "/getBenIdrsDetailsFrmNurse" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenIdrsDetailsFrmNurse( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -322,6 +331,7 @@ public String getBenIdrsDetailsFrmNurse( @Operation(summary = "Get NCD screening beneficiary case record and referral") @PostMapping(value = { "/update/nurseData" }) + @PreAuthorize("hasRole('NURSE') ") public String updateBeneficiaryNCDScreeningDetails(@RequestBody String requestObj) { logger.info("Update NCDScreening Details request:" + requestObj); @@ -356,6 +366,7 @@ public String updateBeneficiaryNCDScreeningDetails(@RequestBody String requestOb */ @Operation(summary = "Update NCD screening beneficiary history") @PostMapping(value = { "/update/historyScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateHistoryNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); 
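Review bot: `updateBeneficiaryNCDScreeningDetails` in the `/update/nurseData` hunk still writes the whole request body to the log at info level, via `logger.info("Update NCDScreening Details request:" + requestObj);` directly below the new role check. The payload is beneficiary screening data, so anyone with log access can read what the annotation is meant to protect. Logging a fixed marker such as `logger.info("Update NCDScreening Details request received");`, or moving the body to debug level, keeps the trace without the content. The method body continues outside the hunk.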
@@ -384,6 +395,7 @@ public String updateHistoryNurse(@RequestBody String requestObj) { @Operation(summary = "Update NCD screening beneficiary vitals") @PostMapping(value = { "/update/vitalScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateVitalNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -412,6 +424,7 @@ public String updateVitalNurse(@RequestBody String requestObj) { @Operation(summary = "Update NCD screening beneficiary history") @PostMapping(value = { "/update/idrsScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateIDRSScreen(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -440,6 +453,7 @@ public String updateIDRSScreen(@RequestBody String requestObj) { @Operation(summary = "Update NCD screening beneficiary case record and referral") @PostMapping(value = { "/update/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String updateDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { diff --git a/src/main/java/com/iemr/tm/controller/nurse/vitals/AnthropometryVitalsController.java b/src/main/java/com/iemr/tm/controller/nurse/vitals/AnthropometryVitalsController.java index 7c47f4bf..4112c355 100644 --- a/src/main/java/com/iemr/tm/controller/nurse/vitals/AnthropometryVitalsController.java +++ b/src/main/java/com/iemr/tm/controller/nurse/vitals/AnthropometryVitalsController.java @@ -5,6 +5,7 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.repository.query.Param; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; 
@@ -18,6 +19,7 @@ @RestController @RequestMapping(value = "/anthropometryVitals", headers = "Authorization", consumes = "application/json", produces = "application/json") +@PreAuthorize("hasRole('NURSE') ") public class AnthropometryVitalsController { private Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName()); diff --git a/src/main/java/com/iemr/tm/controller/patientApp/master/PatientAppCommonMasterController.java b/src/main/java/com/iemr/tm/controller/patientApp/master/PatientAppCommonMasterController.java index fad5b48a..bce92e5a 100644 --- a/src/main/java/com/iemr/tm/controller/patientApp/master/PatientAppCommonMasterController.java +++ b/src/main/java/com/iemr/tm/controller/patientApp/master/PatientAppCommonMasterController.java @@ -26,6 +26,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -61,6 +62,7 @@ public void setCommonPatientAppMasterService(CommonPatientAppMasterService commo */ @Operation(summary = "Chief complaints master data API for patient app") @PostMapping(value = "/patientApp/chiefComplaintsMaster/{visitCategoryID}/{providerServiceMapID}/{gender}") + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String patientAppChiefComplaintsMasterData(@PathVariable("visitCategoryID") Integer visitCategoryID, @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("gender") String gender) { logger.info("Nurse master Data for categoryID:" + visitCategoryID + " and providerServiceMapID:" 
@@ -75,6 +77,7 @@ public String patientAppChiefComplaintsMasterData(@PathVariable("visitCategoryID @Operation(summary = "COVID master data API for patient app") @PostMapping(value = "/patientApp/covidMaster/{visitCategoryID}/{providerServiceMapID}/{gender}") + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String patientAppCovidMasterData(@PathVariable("visitCategoryID") Integer visitCategoryID, @PathVariable("providerServiceMapID") Integer providerServiceMapID, @PathVariable("gender") String gender) { logger.info("Nurse master Data for categoryID:" + visitCategoryID + " and providerServiceMapID:" @@ -89,6 +92,7 @@ public String patientAppCovidMasterData(@PathVariable("visitCategoryID") Integer @Operation(summary = "Save COVID data in patient app") @PostMapping(value = { "/save/covidScreeningDataPatientApp" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String saveBenCovidDoctorDataPatientApp(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -108,6 +112,7 @@ public String saveBenCovidDoctorDataPatientApp(@RequestBody String requestObj, @Operation(summary = "Save chief-complaints data in patient app") @PostMapping(value = { "/save/chiefComplaintsDataPatientApp" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String saveBenChiefComplaintsDataPatientApp(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); 
@@ -127,6 +132,7 @@ public String saveBenChiefComplaintsDataPatientApp(@RequestBody String requestOb @Operation(summary = "Save tele-consultation slot in data patient app") @PostMapping(value = { "/save/tcSlotDetailsDataPatientApp" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('TCSPECIALIST') || hasRole('TC_SPECIALIST') ") public String saveTCSlotDataPatientApp(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -148,6 +154,7 @@ public String saveTCSlotDataPatientApp(@RequestBody String requestObj, @Operation(summary = "Get patient episode data for specialist in patient app") @PostMapping(value = { "/get/getPatientEpisodeData" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('TCSPECIALIST') || hasRole('TC_SPECIALIST') ") public String getPatientEpisodeDataMobileApp(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -169,6 +176,7 @@ public String getPatientEpisodeDataMobileApp(@RequestBody String requestObj, @Operation(summary = "Get patient booked slot data in patient app") @PostMapping(value = { "/get/getPatientBookedSlotDetails" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('TCSPECIALIST') || hasRole('TC_SPECIALIST') ") public String getPatientBookedSlotDetails(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); 
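Review bot: From `saveTCSlotDataPatientApp` onward every expression lists both `TCSPECIALIST` and `TC_SPECIALIST`, and the RegistrarController hunks likewise pair `LABTECHNICIAN` with `LAB_TECHNICIAN`, which suggests the role names reaching Spring Security are not normalised. `hasRole('X')` matches the authority `ROLE_X` by default, so the code that turns `m_role.rolename` values into granted authorities decides whether any of these checks can pass, and that code is not visible in this part of the diff. Normalising case and separators once at that mapping step would let each annotation name a single spelling. A test that loads a user for each stored role name and calls one guarded endpoint would confirm the mapping and that method security is actually enabled.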
@@ -190,6 +198,7 @@ public String getPatientBookedSlotDetails(@RequestBody String requestObj, @Operation(summary = "Save specialist diagnosis data in patient app") @PostMapping(value = { "/save/saveSpecialistDiagnosisData" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('TCSPECIALIST') || hasRole('TC_SPECIALIST') ") public String saveSpecialistDiagnosisData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -211,6 +220,7 @@ public String saveSpecialistDiagnosisData(@RequestBody String requestObj, @Operation(summary = "Get specialist diagnosis data in patient app") @PostMapping(value = { "/save/getSpecialistDiagnosisData" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('TCSPECIALIST') || hasRole('TC_SPECIALIST') ") public String getSpecialistDiagnosisData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -232,6 +242,7 @@ public String getSpecialistDiagnosisData(@RequestBody String requestObj, @Operation(summary = "Get last 3 episode data of the patient in patient app") @PostMapping(value = { "/get/getPatientsEpisodes" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('TCSPECIALIST') || hasRole('TC_SPECIALIST') ") public String getPatientsLast_3_Episode(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); diff --git a/src/main/java/com/iemr/tm/controller/pnc/PostnatalCareController.java b/src/main/java/com/iemr/tm/controller/pnc/PostnatalCareController.java index dd93ef2a..709a2eab 100644 --- a/src/main/java/com/iemr/tm/controller/pnc/PostnatalCareController.java +++ b/src/main/java/com/iemr/tm/controller/pnc/PostnatalCareController.java 
@@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.PostMapping; @@ -66,6 +67,7 @@ public void setPncServiceImpl(PNCServiceImpl pncServiceImpl) { */ @Operation(summary = "Save PNC nurse data") @PostMapping(value = { "/save/nurseData" }) + @PreAuthorize("hasRole('NURSE')") public String saveBenPNCNurseData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) throws Exception { OutputResponse response = new OutputResponse(); @@ -103,6 +105,7 @@ public String saveBenPNCNurseData(@RequestBody String requestObj, */ @Operation(summary = "Save PNC doctor data") @PostMapping(value = { "/save/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String saveBenPNCDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -135,6 +138,7 @@ public String saveBenPNCDoctorData(@RequestBody String requestObj, @Operation(summary = "Get PNC beneficiary visit details from nurse") @PostMapping(value = { "/getBenVisitDetailsFrmNursePNC" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") @Transactional(rollbackFor = Exception.class) public String getBenVisitDetailsFrmNursePNC( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { 
@@ -168,6 +172,7 @@ public String getBenVisitDetailsFrmNursePNC( @Operation(summary = "Get PNC beneficiary details from nurse") @PostMapping(value = { "/getBenPNCDetailsFrmNursePNC" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenPNCDetailsFrmNursePNC( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -199,7 +204,7 @@ public String getBenPNCDetailsFrmNursePNC( */ @Operation(summary = "Get PNC beneficiary history nurse") @PostMapping(value = { "/getBenHistoryDetails" }) - + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenHistoryDetails( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -230,6 +235,7 @@ public String getBenHistoryDetails( */ @Operation(summary = "Get PNC beneficiary vital details from nurse") @PostMapping(value = { "/getBenVitalDetailsFrmNurse" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVitalDetailsFrmNurse( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -261,7 +267,7 @@ public String getBenVitalDetailsFrmNurse( */ @Operation(summary = "Get PNC beneficiary examination details from nurse") @PostMapping(value = { "/getBenExaminationDetailsPNC" }) - + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenExaminationDetailsPNC( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -293,6 +299,7 @@ public String getBenExaminationDetailsPNC( @Operation(summary = "Get PNC beneficiary case record") @PostMapping(value = { "/getBenCaseRecordFromDoctorPNC" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCaseRecordFromDoctorPNC( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -319,6 +326,7 @@ public String getBenCaseRecordFromDoctorPNC( @Operation(summary = "Update PNC doctor data") @PostMapping(value = { "/update/PNCScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updatePNCCareNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -354,6 +362,7 @@ public String updatePNCCareNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update PNC beneficiary history") @PostMapping(value = { "/update/historyScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateHistoryNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -389,6 +398,7 @@ public String updateHistoryNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update PNC beneficiary vitals") @PostMapping(value = { "/update/vitalScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateVitalNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -424,6 +434,7 @@ public String updateVitalNurse(@RequestBody String requestObj) { */ @Operation(summary = "Update PNC examination data") @PostMapping(value = { "/update/examinationScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String updateGeneralOPDExaminationNurse(@RequestBody String requestObj) { OutputResponse response = new OutputResponse(); 
@@ -452,6 +463,7 @@ public String updateGeneralOPDExaminationNurse(@RequestBody String requestObj) { @Operation(summary = "Update PNC doctor data") @PostMapping(value = { "/update/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String updatePNCDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { diff --git a/src/main/java/com/iemr/tm/controller/quickconsult/QuickConsultController.java b/src/main/java/com/iemr/tm/controller/quickconsult/QuickConsultController.java index baf4fb4b..dfecab11 100644 --- a/src/main/java/com/iemr/tm/controller/quickconsult/QuickConsultController.java +++ b/src/main/java/com/iemr/tm/controller/quickconsult/QuickConsultController.java @@ -25,6 +25,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.PostMapping; @@ -75,6 +76,7 @@ public void setQuickConsultationServiceImpl(QuickConsultationServiceImpl quickCo */ @Operation(summary = "Save quick consult nurse data") @PostMapping(value = { "/save/nurseData" }) + @PreAuthorize("hasRole('NURSE') ") public String saveBenQuickConsultDataNurse(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) throws Exception { OutputResponse response = new OutputResponse(); 
@@ -111,6 +113,7 @@ public String saveBenQuickConsultDataNurse(@RequestBody String requestObj, */ @Operation(summary = "Save quick consult doctor data") @PostMapping(value = { "/save/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String saveQuickConsultationDetail( @Param(value = "{\"quickConsultation\":{\"beneficiaryRegID\":\"Long\",\"providerServiceMapID\": \"Integer\", \"benVisitID\":\"Long\", \"benChiefComplaint\":[{\"chiefComplaintID\":\"Integer\", " + "\"chiefComplaint\":\"String\", \"duration\":\"Integer\", \"unitOfDuration\":\"String\"}], \"description\":\"String\"" @@ -149,6 +152,7 @@ public String saveQuickConsultationDetail( @Operation(summary = "Get quick consult beneficiary visit details") @PostMapping(value = { "/getBenDataFrmNurseToDocVisitDetailsScreen" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenDataFrmNurseScrnToDocScrnVisitDetails( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -179,6 +183,7 @@ public String getBenDataFrmNurseScrnToDocScrnVisitDetails( */ @Operation(summary = "Get quick consult beneficiary vital details") @PostMapping(value = { "/getBenVitalDetailsFrmNurse" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenVitalDetailsFrmNurse( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -211,6 +216,7 @@ public String getBenVitalDetailsFrmNurse( @Operation(summary = "Get quick consult beneficiary case record") @PostMapping(value = { "/getBenCaseRecordFromDoctorQuickConsult" }) @Transactional(rollbackFor = Exception.class) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public String getBenCaseRecordFromDoctorQuickConsult( @Param(value = "{\"benRegID\":\"Long\",\"visitCode\":\"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -237,6 +243,7 @@ public String getBenCaseRecordFromDoctorQuickConsult( @Operation(summary = "Update quick consult doctor data") @PostMapping(value = { "/update/doctorData" }) + @PreAuthorize("hasRole('DOCTOR') ") public String updateGeneralOPDQCDoctorData(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { diff --git a/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java b/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java index 7564bb51..2382edb9 100644 --- a/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java +++ b/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java @@ -29,6 +29,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; 
@@ -83,6 +84,7 @@ public void setNurseServiceImpl(NurseServiceImpl nurseServiceImpl) { // Registrar Work List API ..... @Operation(summary = "Get registrar worklist data") @PostMapping(value = { "/registrarWorkListData" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('REGISTRAR')") public String getRegistrarWorkList(@Param(value = "{\"spID\": \"Integer\"}") @RequestBody String comingRequest) throws JSONException { OutputResponse response = new OutputResponse(); @@ -102,6 +104,7 @@ public String getRegistrarWorkList(@Param(value = "{\"spID\": \"Integer\"}") @Re // Registrar Quick search ..... @Operation(summary = "Search for the beneficiary based on beneficiary id") @PostMapping(value = { "/quickSearch" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('REGISTRAR')") public String quickSearchBeneficiary( @Param(value = "{\"benID\": \"String\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); @@ -120,6 +123,7 @@ public String quickSearchBeneficiary( // Registrar Advance search ..... @Operation(summary = "Search for the beneficiary based on provided data") @PostMapping(value = { "/advanceSearch" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('REGISTRAR')") public String advanceSearch( @Param(value = "{\"firstName\": \"String\", \"lastName\": \"String\", \"phoneNo\": \"String\"," + "\"beneficiaryID\": \"String\", \"stateID\": \"Integer\", \"districtID\": \"Integer\", \"aadharNo\": \"String\"}," @@ -142,6 +146,7 @@ public String advanceSearch( // API for left side ben data @Operation(summary = "Get beneficiary details based on beneficiary register id") @PostMapping(value = { "/get/benDetailsByRegID" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('REGISTRAR')") public String getBenDetailsByRegID( @Param(value = "{\"beneficiaryRegID\": \"Long\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); 
@@ -171,6 +176,7 @@ public String getBenDetailsByRegID( @Operation(summary = "Get beneficiary details") @PostMapping(value = { "/get/beneficiaryDetails" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('LABTECHNICIAN') || hasRole('LAB_TECHNICIAN') || hasRole('PHARMACIST') || hasRole('REGISTRAR')") public String getBeneficiaryDetails( @Param(value = "{\"beneficiaryRegID\": \"Long\"}") @RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -205,6 +211,7 @@ public String getBeneficiaryDetails( @Operation(summary = "Get beneficiary image") @PostMapping(value = { "/get/beneficiaryImage" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('LABTECHNICIAN') || hasRole('LAB_TECHNICIAN') || hasRole('PHARMACIST') || hasRole('REGISTRAR')") public String getBeneficiaryImage( @Param(value = "{\"beneficiaryRegID\": \"Long\"}") @RequestBody String requestObj) { OutputResponse response = new OutputResponse(); @@ -231,6 +238,7 @@ public String getBeneficiaryImage( // beneficiary quick search new integrated with common and identity @Operation(summary = "Search beneficiary based on beneficiary id or beneficiary phone number") @PostMapping(value = { "/quickSearchNew" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('REGISTRAR')") public String quickSearchNew(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { String searchList = null; @@ -254,6 +262,7 @@ public String quickSearchNew(@RequestBody String requestObj, // beneficiary Advance search new integrated with common and identity @Operation(summary = "Beneficiary advance search integrated with common and identity API") @PostMapping(value = { "/advanceSearchNew" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('REGISTRAR')") public String advanceSearchNew(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { String searchList = null; 
@@ -277,6 +286,7 @@ public String advanceSearchNew(@RequestBody String requestObj, // Get Beneficiary Details for left side panel of given beneficiaryRegID new @Operation(summary = "Get beneficiary details for side panel") @PostMapping(value = { "/get/benDetailsByRegIDForLeftPanelNew" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('LABTECHNICIAN') || hasRole('LAB_TECHNICIAN') || hasRole('PHARMACIST')") public String getBenDetailsForLeftSidePanelByRegID( @Param(value = "{\"beneficiaryRegID\": \"Long\"}") @RequestBody String comingRequest, @RequestHeader(value = "Authorization") String Authorization) { @@ -308,6 +318,7 @@ public String getBenDetailsForLeftSidePanelByRegID( // new api for ben image @Operation(summary = "Get beneficiary image") @PostMapping(value = { "/getBenImage" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('LABTECHNICIAN') || hasRole('LAB_TECHNICIAN') || hasRole('PHARMACIST')") public String getBenImage(@RequestBody String requestObj, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); @@ -324,6 +335,7 @@ public String getBenImage(@RequestBody String requestObj, @Operation(summary = "Register a new beneficiary") @PostMapping(value = { "/registrarBeneficaryRegistration" }) + @PreAuthorize("hasRole('NURSE') || hasRole('REGISTRAR')") public String createBeneficiary( @Param(value = "{\"benD\":{\"firstName\": \"String\", \"lastName\": \"String\", \"gender\": \"Short\"," + "\"dob\": \"Timestamp\", \"maritalStatus\": \"Short\", \"fatherName\": \"String\", \"motherName\": \"String\"," 
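Review bot: `getBenDetailsForLeftSidePanelByRegID` and `getBenImage` omit `REGISTRAR` from their role lists, while the older equivalents `/get/beneficiaryDetails` and `/get/beneficiaryImage` in the same controller include it. If the registrar screens call the "New" endpoints, those users will now receive 403; if the exclusion is deliberate, a short comment saying so would stop a later "fix" from widening access. Either add `|| hasRole('REGISTRAR')` to both or document why the two pairs differ. The method bodies continue outside these hunks.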
@@ -387,6 +399,7 @@ public String createBeneficiary( // beneficiary registration with common and identity new @Operation(summary = "Register a new beneficiary new API") @PostMapping(value = { "/registrarBeneficaryRegistrationNew" }) + @PreAuthorize("hasRole('NURSE') || hasRole('REGISTRAR')") public String registrarBeneficaryRegistrationNew(@RequestBody String comingReq, @RequestHeader(value = "Authorization") String Authorization) { String s; @@ -404,6 +417,7 @@ public String registrarBeneficaryRegistrationNew(@RequestBody String comingReq, @Operation(summary = "Update registered beneficiary data") @PostMapping(value = { "/update/BeneficiaryDetails" }) + @PreAuthorize("hasRole('NURSE') || hasRole('REGISTRAR') || hasRole('DOCTOR')") public String updateBeneficiary( @Param(value = "{\"benD\": {\"beneficiaryRegID\": \"Long\", \"firstName\": \"String\", \"lastName\": \"String\", \"gender\": \"Short\"," + "\"dob\": \"Timestamp\", \"maritalStatus\": \"Short\", \"fatherName\": \"String\", \"motherName\": \"String\"," @@ -467,6 +481,7 @@ public String updateBeneficiary( // revisit to nurse by searching and submitting new @Operation(summary = "Search and submit beneficiary to nurse for revisit") @PostMapping(value = { "/create/BenReVisitToNurse" }) + @PreAuthorize("hasRole('NURSE') || hasRole('REGISTRAR')") public String createReVisitForBenToNurse(@RequestBody String requestOBJ) { OutputResponse response = new OutputResponse(); try { @@ -488,6 +503,7 @@ public String createReVisitForBenToNurse(@RequestBody String requestOBJ) { @Operation(summary = "Update registered beneficiary details") @PostMapping(value = { "/update/BeneficiaryUpdate" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('REGISTRAR')") public String beneficiaryUpdate(@RequestBody String requestOBJ, @RequestHeader(value = "Authorization") String Authorization) { OutputResponse response = new OutputResponse(); 
@@ -511,6 +527,7 @@ public String beneficiaryUpdate(@RequestBody String requestOBJ, @Operation(summary = "Get master data for registrar") @PostMapping(value = { "/registrarMasterData" }) + @PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('REGISTRAR')") public String masterDataForRegistration( @Param(value = "{\"spID\": \"Integer\"}") @RequestBody String comingRequest) { OutputResponse response = new OutputResponse(); diff --git a/src/main/java/com/iemr/tm/controller/report/CRMReportController.java b/src/main/java/com/iemr/tm/controller/report/CRMReportController.java index bcb3aba6..a5b659fb 100644 --- a/src/main/java/com/iemr/tm/controller/report/CRMReportController.java +++ b/src/main/java/com/iemr/tm/controller/report/CRMReportController.java @@ -27,6 +27,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -45,6 +46,8 @@ @RequestMapping("/TMReport") @RestController +@PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') || hasRole('LABTECHNICIAN') || hasRole('LAB_TECHNICIAN') || hasRole('PHARMACIST') || hasRole('TC_SPECIALIST') || hasRole('TCSPECIALIST') || hasRole('ONCOLOGIST') || hasRole('RADIOLOGIST')") + public class CRMReportController { private final Logger logger = LoggerFactory.getLogger(this.getClass().getName()); diff --git a/src/main/java/com/iemr/tm/controller/snomedct/SnomedController.java b/src/main/java/com/iemr/tm/controller/snomedct/SnomedController.java index 945064d6..dab6f773 100644 --- a/src/main/java/com/iemr/tm/controller/snomedct/SnomedController.java +++ b/src/main/java/com/iemr/tm/controller/snomedct/SnomedController.java 
@@ -24,6 +24,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -42,6 +43,7 @@ @RequestMapping(value = "/snomed", consumes = "application/json", produces = "application/json") @RestController +@PreAuthorize("hasRole('NURSE') || hasRole('DOCTOR') ") public class SnomedController { private Logger logger = LoggerFactory.getLogger(SnomedController.class); diff --git a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java index 390d05c7..91a1114e 100644 --- a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java +++ b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java @@ -24,6 +24,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -44,6 +45,7 @@ @RestController @RequestMapping(value = "/tc", headers = "Authorization", consumes = "application/json", produces = "application/json") +@PreAuthorize("hasRole('TCSPECIALIST') || hasRole('TC_SPECIALIST') ") public class TeleConsultationController { private Logger logger = LoggerFactory.getLogger(this.getClass().getSimpleName()); diff --git a/src/main/java/com/iemr/tm/repo/login/UserLoginRepo.java b/src/main/java/com/iemr/tm/repo/login/UserLoginRepo.java index 0898602d..f0b2f746 100644 --- a/src/main/java/com/iemr/tm/repo/login/UserLoginRepo.java +++ b/src/main/java/com/iemr/tm/repo/login/UserLoginRepo.java 
@@ -1,5 +1,7 @@ package com.iemr.tm.repo.login; +import java.util.List; + import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.query.Param; @@ -13,4 +15,7 @@ public interface UserLoginRepo extends CrudRepository { @Query(" SELECT u FROM Users u WHERE u.userID = :userID AND u.Deleted = false ") public Users getUserByUserID(@Param("userID") Long userID); + @Query(nativeQuery = true,value = "select rolename from m_role where roleid in (select roleid from m_userservicerolemapping where userid=:userID)") + List getRoleNamebyUserId(@Param("userID") Long userID); + } diff --git a/src/main/java/com/iemr/tm/utils/JwtAuthenticationUtil.java b/src/main/java/com/iemr/tm/utils/JwtAuthenticationUtil.java index cd32bea1..d266bf02 100644 --- a/src/main/java/com/iemr/tm/utils/JwtAuthenticationUtil.java +++ b/src/main/java/com/iemr/tm/utils/JwtAuthenticationUtil.java @@ -1,5 +1,6 @@ package com.iemr.tm.utils; +import java.util.List; import java.util.Optional; import java.util.concurrent.TimeUnit; @@ -130,4 +131,18 @@ private Users fetchUserFromDB(String userId) { return null; } + public List getUserRoles(Long userId) throws IEMRException { + if (null == userId || userId <= 0) { + throw new IEMRException("Invalid User ID : " + userId); + } + try { + List role = userLoginRepo.getRoleNamebyUserId(userId); + if (null == role || role.isEmpty()) { + throw new IEMRException("No role found for userId : " + userId); + } + return role; + } catch (Exception e) { + throw new IEMRException("Failed to retrieverole for usedId : " + userId + " error : " + e.getMessage()); + } + } } diff --git a/src/main/java/com/iemr/tm/utils/JwtUtil.java b/src/main/java/com/iemr/tm/utils/JwtUtil.java index e0576c71..5d3d7561 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUtil.java +++ b/src/main/java/com/iemr/tm/utils/JwtUtil.java 
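Review bot: The native query behind `getRoleNamebyUserId` returns every role mapped to the user with no filter on soft-deleted rows, whereas `getUserByUserID` just above it checks `u.Deleted = false`. If `m_userservicerolemapping` and `m_role` carry a deleted flag (not visible in this hunk), a revoked mapping would still be turned into a granted authority by the new filter. The subquery also collects roles across all of the user's service mappings, so a role held for a different service would presumably satisfy `hasRole` here. I would add the matching predicates, for example `... where userid=:userID and deleted=false` in both the subquery and the outer query; the column names are an assumption to confirm against the schema.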
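Review bot: In `getUserRoles` the `catch (Exception e)` also catches the `IEMRException("No role found ...")` thrown two lines earlier (assuming IEMRException extends Exception), so callers cannot tell "user has no roles" from a repository failure. The rethrow keeps only `e.getMessage()` and drops the cause and stack trace. I would move the empty-list check after the try block, or add `catch (IEMRException e) { throw e; }` ahead of the generic catch, and correct the message to `"Failed to retrieve role for userId : "`. Passing the cause through needs an IEMRException constructor that is not visible here.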
@@ -59,7 +59,7 @@ public T extractClaim(String token, Function claimsResolver) { return claims != null ? claimsResolver.apply(claims) : null; } - private Claims extractAllClaims(String token) { + public Claims extractAllClaims(String token) { return Jwts.parser() .verifyWith(getSigningKey()) .build() diff --git a/src/main/java/com/iemr/tm/utils/exception/CustomAccessDeniedHandler.java b/src/main/java/com/iemr/tm/utils/exception/CustomAccessDeniedHandler.java new file mode 100644 index 00000000..ff62fc62 --- /dev/null +++ b/src/main/java/com/iemr/tm/utils/exception/CustomAccessDeniedHandler.java @@ -0,0 +1,28 @@ +package com.iemr.tm.utils.exception; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.web.access.AccessDeniedHandler; +import org.springframework.stereotype.Component; + +import com.fasterxml.jackson.databind.ObjectMapper; + +import java.io.IOException; +import java.util.Map; + +@Component +public class CustomAccessDeniedHandler implements AccessDeniedHandler { + + private static final ObjectMapper mapper = new ObjectMapper(); + @Override + public void handle(HttpServletRequest request, + HttpServletResponse response, + AccessDeniedException accessDeniedException) throws IOException { + response.setStatus(HttpServletResponse.SC_FORBIDDEN); // 403 + response.setContentType("application/json"); + Map errorResponse = Map.of("error" , "Forbidden", + "message","Access denied"); + response.getWriter().write(mapper.writeValueAsString(errorResponse)); + } +} \ No newline at end of file diff --git a/src/main/java/com/iemr/tm/utils/exception/CustomAuthenticationEntryPoint.java b/src/main/java/com/iemr/tm/utils/exception/CustomAuthenticationEntryPoint.java new file mode 100644 index 00000000..df622dfb --- /dev/null +++ b/src/main/java/com/iemr/tm/utils/exception/CustomAuthenticationEntryPoint.java 
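Review bot: Widening `extractAllClaims` from private to public lets callers parse a token without going through `validateToken`, and nothing visible in this change calls it; RoleAuthenticationFilter uses `jwtUtil.validateToken(jwtToken)`. If `validateToken` applies checks beyond what the parser does (not visible in this hunk), the public method becomes a way to skip them. I would keep `private Claims extractAllClaims(String token)` unless a caller really needs it, and otherwise add a Javadoc line such as `Callers making authentication decisions must use validateToken instead.` The method body continues outside the hunk.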
@@ -0,0 +1,23 @@ +package com.iemr.tm.utils.exception; + +import java.io.IOException; + +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.AuthenticationEntryPoint; +import org.springframework.stereotype.Component; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + +@Component +public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint { + + @Override + public void commence(HttpServletRequest request, + HttpServletResponse response, + AuthenticationException authException) throws IOException { + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json"); + response.getWriter().write("{\"error\": \"Unauthorized\", \"message\": \"" + authException.getMessage() + "\"}"); + } +} \ No newline at end of file diff --git a/src/main/java/com/iemr/tm/utils/mapper/RoleAuthenticationFilter.java b/src/main/java/com/iemr/tm/utils/mapper/RoleAuthenticationFilter.java new file mode 100644 index 00000000..68effd1d --- /dev/null +++ b/src/main/java/com/iemr/tm/utils/mapper/RoleAuthenticationFilter.java 
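Review bot: `commence` builds the JSON body by concatenating `authException.getMessage()` into a string literal, so a message containing a quote or backslash produces malformed JSON, and internal exception text is returned to unauthenticated clients. CustomAccessDeniedHandler in the same change already serialises a fixed message through ObjectMapper, and this handler should match it: `response.getWriter().write(mapper.writeValueAsString(Map.of("error", "Unauthorized", "message", "Authentication required")));` with a `private static final ObjectMapper mapper` field. The exception detail belongs in the server log rather than in the response.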
@@ -0,0 +1,96 @@ +package com.iemr.tm.utils.mapper; + +import java.util.List; +import java.util.Objects; +import java.util.stream.Collectors; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.stereotype.Component; +import org.springframework.web.filter.OncePerRequestFilter; + +import com.iemr.tm.service.common.master.CommonMasterServiceImpl; +import com.iemr.tm.utils.CookieUtil; +import com.iemr.tm.utils.JwtAuthenticationUtil; +import com.iemr.tm.utils.JwtUtil; +import com.iemr.tm.utils.redis.RedisStorage; + +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.io.IOException; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.Cookie; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + +@Component +public class RoleAuthenticationFilter extends OncePerRequestFilter { + + @Autowired + private JwtUtil jwtUtil; + + @Autowired + private RedisStorage redisService; + + @Autowired + private JwtAuthenticationUtil userService; + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws ServletException, IOException, java.io.IOException { + List authRoles = null; + try { + String jwtFromCookie = CookieUtil.getJwtTokenFromCookie(request); + String jwtFromHeader = request.getHeader("Jwttoken"); + + String jwtToken = jwtFromCookie != null ? 
jwtFromCookie : jwtFromHeader; + if(null == jwtToken || jwtToken.trim().isEmpty()) { + filterChain.doFilter(request, response); + return; + } + Claims claims = jwtUtil.validateToken(jwtToken); + if(null == claims) { + filterChain.doFilter(request, response); + return; + } + Object userIdObj = claims.get("userId"); + String userId = userIdObj != null ? userIdObj.toString() : null; + if (null == userId || userId.trim().isEmpty()) { + filterChain.doFilter(request, response); + return; + } + Long userIdLong; + try { + userIdLong=Long.valueOf(userId); + }catch (NumberFormatException ex) { + filterChain.doFilter(request, response); + return; + } + authRoles = redisService.getUserRoleFromCache(userIdLong); + if (authRoles == null || authRoles.isEmpty()) { + List roles = userService.getUserRoles(userIdLong); // assuming this returns multiple roles + authRoles = roles.stream() + .filter(Objects::nonNull) + .map(String::trim) + .map(role -> "ROLE_" + role.toUpperCase().replace(" ", "_")) + .collect(Collectors.toList()); + redisService.cacheUserRoles(userIdLong, authRoles); + } + + List authorities = authRoles.stream() + .map(SimpleGrantedAuthority::new) + .collect(Collectors.toList()); + + UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(userId, null, authorities); + SecurityContextHolder.getContext().setAuthentication(auth); + } catch (Exception e) { + SecurityContextHolder.clearContext(); + } finally { + filterChain.doFilter(request, response); + } + + } +} \ No newline at end of file diff --git a/src/main/java/com/iemr/tm/utils/mapper/SecurityConfig.java b/src/main/java/com/iemr/tm/utils/mapper/SecurityConfig.java new file mode 100644 index 00000000..ed74da7b --- /dev/null +++ b/src/main/java/com/iemr/tm/utils/mapper/SecurityConfig.java 
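Review bot: Each early exit in `doFilterInternal` calls `filterChain.doFilter(request, response)` and then returns from inside the `try`, but the `finally` block calls `filterChain.doFilter` again. A request with no token, null claims, a missing `userId` or a non-numeric one therefore runs the rest of the chain twice. On those paths an exception thrown by the downstream chain is also caught by `catch (Exception e)` and dropped before the second invocation. Replacing each early `filterChain.doFilter(request, response); return;` with a bare `return;` leaves the `finally` call as the only invocation. The catch block should also log the failure, and the `io.jsonwebtoken.io.IOException` import looks unintended next to `java.io.IOException` in the throws clause.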
@@ -0,0 +1,53 @@ +package com.iemr.tm.utils.mapper; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.security.web.csrf.CookieCsrfTokenRepository; + +import com.iemr.tm.utils.exception.CustomAccessDeniedHandler; +import com.iemr.tm.utils.exception.CustomAuthenticationEntryPoint; + + +@Configuration +@EnableMethodSecurity +@EnableWebSecurity +public class SecurityConfig { + private final RoleAuthenticationFilter roleAuthenticationFilter; + private final CustomAuthenticationEntryPoint customAuthenticationEntryPoint; + private final CustomAccessDeniedHandler customAccessDeniedHandler; + + public SecurityConfig(RoleAuthenticationFilter roleAuthenticationFilter, + CustomAuthenticationEntryPoint customAuthenticationEntryPoint, + CustomAccessDeniedHandler customAccessDeniedHandler) { + this.roleAuthenticationFilter = roleAuthenticationFilter; + this.customAuthenticationEntryPoint = customAuthenticationEntryPoint; + this.customAccessDeniedHandler = customAccessDeniedHandler; + } + +@Bean +public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + CookieCsrfTokenRepository csrfTokenRepository = new CookieCsrfTokenRepository(); + csrfTokenRepository.setCookieHttpOnly(true); + csrfTokenRepository.setCookiePath("/"); + http + .csrf(csrf -> csrf.disable()) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + 
.authorizeHttpRequests(auth -> auth + .requestMatchers("/user/*").permitAll() + .anyRequest().authenticated() + ) + .exceptionHandling(ex -> ex + .authenticationEntryPoint(customAuthenticationEntryPoint) + .accessDeniedHandler(customAccessDeniedHandler) + ) + .addFilterBefore(roleAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); + + return http.build(); +} +} diff --git a/src/main/java/com/iemr/tm/utils/redis/RedisStorage.java b/src/main/java/com/iemr/tm/utils/redis/RedisStorage.java index 49b2c586..69fa170a 100644 --- a/src/main/java/com/iemr/tm/utils/redis/RedisStorage.java +++ b/src/main/java/com/iemr/tm/utils/redis/RedisStorage.java @@ -21,12 +21,15 @@ */ package com.iemr.tm.utils.redis; +import java.util.List; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.connection.RedisConnection; import org.springframework.data.redis.connection.RedisStringCommands.SetOption; import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory; +import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.core.types.Expiration; import org.springframework.stereotype.Component; 
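Review bot: `securityFilterChain` creates and configures a `CookieCsrfTokenRepository` and then calls `.csrf(csrf -> csrf.disable())`, so the repository is never used and CSRF protection is off. RoleAuthenticationFilter accepts the JWT from a cookie as well as from the `Jwttoken` header, and browsers attach cookies automatically, so state-changing POST endpoints then depend on the cookie's SameSite attribute or the CORS policy, neither of which is visible here. Either wire the repository in with `.csrf(csrf -> csrf.csrfTokenRepository(csrfTokenRepository))`, or delete the three unused lines and add a comment stating why disabling CSRF is safe for this API. Note also that `requestMatchers("/user/*")` matches a single path segment only, so deeper `/user/...` paths fall under `authenticated()`.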
@@ -92,4 +95,28 @@ public String updateObject(String key, String value, Boolean extendExpirationTim return key; } + + @Autowired + private RedisTemplate redisTemplate; + + public void cacheUserRoles(Long userId, List roles) { + try { + String key = "roles:" + userId; + redisTemplate.delete(key); // Clear previous cache + redisTemplate.opsForList().rightPushAll(key, roles); + redisTemplate.expire(key, 30, java.util.concurrent.TimeUnit.MINUTES); + } catch (Exception e) { + logger.warn("Failed to cache role for user {} : {} ", userId, e.getMessage()); + } + + } + + public List getUserRoleFromCache(Long userId) { + try { + return redisTemplate.opsForList().range("roles:" + userId, 0, -1); + } catch (Exception e) { + logger.warn("Failed to retrieve cached role for user {} : {} ", userId, e.getMessage()); + return null; + } + } } From 67952c67b295c736e4513917e7a854912054161b Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Fri, 28 Nov 2025 18:35:01 +0530 Subject: [PATCH 22/39] fix:1896 added space for single dose after food string due --- .../tm/service/common/transaction/CommonNurseServiceImpl.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index 8ebb3bb5..a01232a0 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java 
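Review bot: `cacheUserRoles` writes the list and sets the TTL in separate calls inside one catch-all `try`, so if `expire` fails or returns false after `rightPushAll` succeeded, the role list stays in Redis with no expiry and keeps being used for authorization decisions. I would check the result, `if (!Boolean.TRUE.equals(redisTemplate.expire(key, 30, java.util.concurrent.TimeUnit.MINUTES))) { redisTemplate.delete(key); }`, and delete the key in the catch block as well. Nothing in this change evicts the `roles:` key when a user's roles are edited, so a revoked role stays effective for up to 30 minutes. That window deserves a comment on the method, or an eviction call wherever role mappings are updated (not visible here).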
@@ -3007,7 +3007,7 @@ private double getQtyForOneDay(String form, String dose, String frequency) { } } else { if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| - frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { + frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = .5; From c7b4dac36156411d5e8bee056851bc4f23abfd12 Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Fri, 28 Nov 2025 19:27:09 +0530 Subject: [PATCH 23/39] fix:1896 added single dose after and before food confition for calculated qntity --- .../tm/service/common/transaction/CommonNurseServiceImpl.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index a01232a0..e2f47509 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java @@ -2887,7 +2887,8 @@ private int calculateQtyPrescribed(String form, String dose, String frequency, S if (form != null && dose != null && frequency != null && duration != null && durationUnit != null) { double qtyInOneDay = getQtyForOneDay(form, dose, frequency); - if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")) { + if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| + frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { qtyPrescribed = (int) Math.ceil(qtyInOneDay); } else { if (durationUnit.equalsIgnoreCase("Day(s)")) From 340c8312a58ead09c855b821abf86c0c715092a1 Mon Sep 17 00:00:00 2001 
From: SnehaRH Date: Wed, 3 Dec 2025 15:16:58 +0530 Subject: [PATCH 24/39] fix: amm-1963 frequncy is not calculating for single dose frequency --- .../common/transaction/CommonNurseServiceImpl.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index e2f47509..aa7eadfd 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java @@ -2887,17 +2887,17 @@ private int calculateQtyPrescribed(String form, String dose, String frequency, S if (form != null && dose != null && frequency != null && duration != null && durationUnit != null) { double qtyInOneDay = getQtyForOneDay(form, dose, frequency); - if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| - frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { - qtyPrescribed = (int) Math.ceil(qtyInOneDay); - } else { + // if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| + // frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { + // qtyPrescribed = (int) Math.ceil(qtyInOneDay); + // } else { if (durationUnit.equalsIgnoreCase("Day(s)")) qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * qtyInOneDay); else if (durationUnit.equalsIgnoreCase("Week(s)")) qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 7 * qtyInOneDay); else if (durationUnit.equalsIgnoreCase("Month(s)")) qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 30 * qtyInOneDay); - } + // } } return qtyPrescribed; From 7994ac81c0983f261b2c899a65dd52491bcd7430 Mon Sep 17 00:00:00 2001 
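Review bot: With the single-dose branch commented out, every frequency now reaches `Integer.parseInt(duration)`, so a "Single Dose" or "Stat Dose" prescription whose duration is blank or non-numeric throws NumberFormatException where it previously returned `ceil(qtyInOneDay)`. The products `Integer.parseInt(duration) * 7` and `* 30` are also computed in `int` before the double arithmetic and can overflow for a very large value. If `duration` comes from the request (the caller is outside the hunk), parse it once with a guard that rejects non-numeric and non-positive input, and widen it first, e.g. `long days = Long.parseLong(duration.trim());`. calculateQtyPrescribed starts outside this hunk.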
From: SnehaRH Date: Thu, 4 Dec 2025 10:54:27 +0530 Subject: [PATCH 25/39] fix: amm-1963 remoed the comments --- .../transaction/CommonNurseServiceImpl.java | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index aa7eadfd..e865bc86 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java @@ -2887,17 +2887,13 @@ private int calculateQtyPrescribed(String form, String dose, String frequency, S if (form != null && dose != null && frequency != null && duration != null && durationUnit != null) { double qtyInOneDay = getQtyForOneDay(form, dose, frequency); - // if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| - // frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { - // qtyPrescribed = (int) Math.ceil(qtyInOneDay); - // } else { - if (durationUnit.equalsIgnoreCase("Day(s)")) - qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * qtyInOneDay); - else if (durationUnit.equalsIgnoreCase("Week(s)")) - qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 7 * qtyInOneDay); - else if (durationUnit.equalsIgnoreCase("Month(s)")) - qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 30 * qtyInOneDay); - // } + if (durationUnit.equalsIgnoreCase("Day(s)")) + qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * qtyInOneDay); + else if (durationUnit.equalsIgnoreCase("Week(s)")) + qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 7 * qtyInOneDay); + else if (durationUnit.equalsIgnoreCase("Month(s)")) + qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 30 * qtyInOneDay); + } return qtyPrescribed; 
From fb27280a8e350f45e53506336a2ae453eac24573 Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Thu, 4 Dec 2025 12:22:24 +0530 Subject: [PATCH 26/39] fix: sonarqubecloud fixs --- .../java/com/iemr/tm/service/anc/ANCServiceImpl.java | 6 +++--- .../benFlowStatus/CommonBenStatusFlowServiceImpl.java | 1 - .../iemr/tm/service/cancerScreening/CSServiceImpl.java | 6 ++++-- .../com/iemr/tm/service/covid19/Covid19ServiceImpl.java | 7 ++++--- .../tm/service/generalOPD/GeneralOPDServiceImpl.java | 6 ++++-- .../com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java | 9 ++++++--- .../ncdscreening/NCDSCreeningDoctorServiceImpl.java | 6 ++++-- .../tm/service/ncdscreening/NCDScreeningServiceImpl.java | 6 +++--- .../java/com/iemr/tm/service/pnc/PNCServiceImpl.java | 6 +++--- .../quickConsultation/QuickConsultationServiceImpl.java | 6 ++++-- 10 files changed, 35 insertions(+), 24 deletions(-) diff --git a/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java b/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java index 8f8db36f..59d21520 100644 --- a/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java @@ -348,11 +348,11 @@ public Long saveANCDoctorData(JsonObject requestOBJ, String Authorization) throw Long diagnosisSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; - Integer tcRequestStatusFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; Boolean doctorSignatureFlag = false; - if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); } if (requestOBJ != null) { 
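Review bot: The new local `final String Doctor_Signature = "doctorSignatureFlag";` is redeclared in every doctor-save method touched by this commit (ANC, cancer screening, Covid-19, general OPD, NCD care, both NCD screening services, PNC, quick consultation) and does not follow Java constant naming. In this ANC hunk `requestOBJ.has(Doctor_Signature)` also runs before the `if (requestOBJ != null)` check a few lines below, so that null check cannot protect it. I would declare one `private static final String DOCTOR_SIGNATURE_FLAG = "doctorSignatureFlag";` in a shared class and move the flag read inside the null-checked block. saveANCDoctorData continues outside the hunk.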
diff --git a/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java b/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java index d905a7a7..ec0f8514 100644 --- a/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/benFlowStatus/CommonBenStatusFlowServiceImpl.java @@ -27,7 +27,6 @@ import java.util.ArrayList; import java.util.Calendar; -import org.checkerframework.checker.units.qual.s; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; diff --git a/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java b/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java index a9bd3575..cae5a298 100644 --- a/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java @@ -810,10 +810,12 @@ public String getBenDataFrmNurseToDocExaminationScreen(Long benRegID, Long visit public Long saveCancerScreeningDoctorData(JsonObject requestOBJ, String Authorization) throws Exception { Long docDataSuccessFlag = null; Long tcRequestStatusFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; + Boolean doctorSignatureFlag = false; - if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); } diff --git a/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java b/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java index db0adb7f..5eb1a547 100644 --- a/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java 
+++ b/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java @@ -967,7 +967,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Integer prescriptionSuccessFlag = null; // Long diagnosisSuccessFlag = null; Long referSaveSuccessFlag = null; - Integer tcRequestStatusFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; + if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; @@ -982,8 +983,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java b/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java index aa09b486..acef711a 100644 --- a/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java @@ -738,6 +738,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Integer findingSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; + //Integer tcRequestStatusFlag = null; 
@@ -755,8 +757,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java index 2076464d..9fe06080 100644 --- a/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java @@ -756,7 +756,7 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Integer prescriptionSuccessFlag = null; Long diagnosisSuccessFlag = null; Long referSaveSuccessFlag = null; - Integer tcRequestStatusFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; @@ -772,8 +772,11 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + + + + if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); } // checking if test is prescribed 
diff --git a/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java index b21423b7..dfff0b3e 100644 --- a/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java @@ -78,6 +78,8 @@ public int updateDoctorData(JsonObject requestOBJ, String Authorization) throws Integer findingSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; + if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; @@ -95,8 +97,8 @@ public int updateDoctorData(JsonObject requestOBJ, String Authorization) throws Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java index dc91a21a..db394ef5 100644 --- a/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java 
@@ -1008,7 +1008,7 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Integer findingSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; - Integer tcRequestStatusFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; @@ -1024,8 +1024,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java b/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java index 7ad63321..1adaa245 100644 --- a/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java @@ -300,7 +300,7 @@ public Long savePNCDoctorData(JsonObject requestOBJ, String Authorization) throw Long diagnosisSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; - // Integer tcRequestStatusFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; 
@@ -316,8 +316,8 @@ public Long savePNCDoctorData(JsonObject requestOBJ, String Authorization) throw Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); + if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java b/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java index 9ca3e73a..4c70729f 100644 --- a/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java @@ -316,6 +316,8 @@ public Integer quickConsultDoctorDataInsert(JsonObject quickConsultDoctorOBJ, St Integer investigationSuccessFlag = null; Integer vitalsRBSTestFlag=null; Long referSaveSuccessFlag = null; + final String Doctor_Signature = "doctorSignatureFlag"; + TeleconsultationRequestOBJ tcRequestOBJ = null; CommonUtilityClass commonUtilityClass = InputMapper.gson().fromJson(quickConsultDoctorOBJ, @@ -340,8 +342,8 @@ public Integer quickConsultDoctorDataInsert(JsonObject quickConsultDoctorOBJ, St isMedicinePrescribed = true; Boolean doctorSignatureFlag = false; - if (quickConsultDoctorOBJ.has("doctorSignatureFlag") && !quickConsultDoctorOBJ.get("doctorSignatureFlag").isJsonNull()) { - doctorSignatureFlag = quickConsultDoctorOBJ.get("doctorSignatureFlag").getAsBoolean(); + if (quickConsultDoctorOBJ.has(Doctor_Signature) && !quickConsultDoctorOBJ.get(Doctor_Signature).isJsonNull()) { + doctorSignatureFlag = quickConsultDoctorOBJ.get(Doctor_Signature).getAsBoolean(); } // save prescribed medicine 
From 114cee63dce073177a5142c0d547fb76817218e6 Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Thu, 4 Dec 2025 13:16:55 +0530 Subject: [PATCH 27/39] fix: added const variable to doctorsignature object to remove duplicate --- src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java | 6 +++--- .../com/iemr/tm/service/cancerScreening/CSServiceImpl.java | 6 +++--- .../com/iemr/tm/service/covid19/Covid19ServiceImpl.java | 7 ++++--- .../iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java | 6 +++--- .../com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java | 6 +++--- .../ncdscreening/NCDSCreeningDoctorServiceImpl.java | 6 +++--- .../tm/service/ncdscreening/NCDScreeningServiceImpl.java | 7 ++++--- src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java | 6 +++--- .../quickConsultation/QuickConsultationServiceImpl.java | 6 +++--- 9 files changed, 29 insertions(+), 27 deletions(-) diff --git a/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java b/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java index 59d21520..5f8d1156 100644 --- a/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/anc/ANCServiceImpl.java @@ -348,11 +348,11 @@ public Long saveANCDoctorData(JsonObject requestOBJ, String Authorization) throw Long diagnosisSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = requestOBJ.has("doctorSignatureFlag"); Boolean doctorSignatureFlag = false; - if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = doctorSignature; } if (requestOBJ != null) { diff --git a/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java b/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java index cae5a298..a13f7499 100644 
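Review bot: In saveANCDoctorData `doctorSignatureFlag` is now assigned from `requestOBJ.has("doctorSignatureFlag")`, so it becomes true whenever the key is present, including when the client sent `false` or JSON null, whereas the removed lines read the actual value with `getAsBoolean()`. What the flag drives downstream is not visible here, but a signature indicator should not be derived from key presence alone; keep the value read, `if (requestOBJ.has("doctorSignatureFlag") && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean();`. The same substitution appears in the CSServiceImpl, Covid19ServiceImpl, GeneralOPDServiceImpl, NCDCareServiceImpl, NCDSCreeningDoctorServiceImpl, NCDScreeningServiceImpl and QuickConsultationServiceImpl hunks of this patch. In several of those the `has(...)` call is also placed above `if (requestOBJ != null)`, so a null request object throws before the guard is reached. The method body continues outside the hunk.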
--- a/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/cancerScreening/CSServiceImpl.java @@ -810,12 +810,12 @@ public String getBenDataFrmNurseToDocExaminationScreen(Long benRegID, Long visit public Long saveCancerScreeningDoctorData(JsonObject requestOBJ, String Authorization) throws Exception { Long docDataSuccessFlag = null; Long tcRequestStatusFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = requestOBJ.has("doctorSignatureFlag"); Boolean doctorSignatureFlag = false; - if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = doctorSignature; } diff --git a/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java b/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java index 5eb1a547..2d133113 100644 --- a/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/covid19/Covid19ServiceImpl.java @@ -967,7 +967,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Integer prescriptionSuccessFlag = null; // Long diagnosisSuccessFlag = null; Long referSaveSuccessFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = requestOBJ.has("doctorSignatureFlag"); + if (requestOBJ != null) { @@ -983,8 +984,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = doctorSignature; } // checking if test is prescribed 
diff --git a/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java b/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java index acef711a..7039a632 100644 --- a/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/generalOPD/GeneralOPDServiceImpl.java @@ -738,7 +738,7 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Integer findingSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = requestOBJ.has("doctorSignatureFlag"); //Integer tcRequestStatusFlag = null; @@ -757,8 +757,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = doctorSignature; } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java index 9fe06080..b5e42548 100644 --- a/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdCare/NCDCareServiceImpl.java @@ -756,7 +756,7 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Integer prescriptionSuccessFlag = null; Long diagnosisSuccessFlag = null; Long referSaveSuccessFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = requestOBJ.has("doctorSignatureFlag"); if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; 
@@ -775,8 +775,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E - if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = doctorSignature; } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java index dfff0b3e..328fcbd6 100644 --- a/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdscreening/NCDSCreeningDoctorServiceImpl.java @@ -78,7 +78,7 @@ public int updateDoctorData(JsonObject requestOBJ, String Authorization) throws Integer findingSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = requestOBJ.has("doctorSignatureFlag"); if (requestOBJ != null) { @@ -97,8 +97,8 @@ public int updateDoctorData(JsonObject requestOBJ, String Authorization) throws Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = doctorSignature; } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java b/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java index db394ef5..486361cb 100644 --- a/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/ncdscreening/NCDScreeningServiceImpl.java 
@@ -1008,7 +1008,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Integer findingSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = requestOBJ.has("doctorSignatureFlag"); + if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; @@ -1024,8 +1025,8 @@ public Long saveDoctorData(JsonObject requestOBJ, String Authorization) throws E Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = doctorSignature; } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java b/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java index 1adaa245..e7dedec5 100644 --- a/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/pnc/PNCServiceImpl.java @@ -300,7 +300,7 @@ public Long savePNCDoctorData(JsonObject requestOBJ, String Authorization) throw Long diagnosisSuccessFlag = null; Integer prescriptionSuccessFlag = null; Long referSaveSuccessFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = requestOBJ.has("doctorSignatureFlag"); if (requestOBJ != null) { TeleconsultationRequestOBJ tcRequestOBJ = null; 
@@ -316,8 +316,8 @@ public Long savePNCDoctorData(JsonObject requestOBJ, String Authorization) throw Boolean isMedicinePrescribed = false; Boolean doctorSignatureFlag = false; - if (requestOBJ.has(Doctor_Signature) && !requestOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = requestOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = requestOBJ.get("doctorSignatureFlag").getAsBoolean(); } // checking if test is prescribed diff --git a/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java b/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java index 4c70729f..306e30a3 100644 --- a/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/quickConsultation/QuickConsultationServiceImpl.java @@ -316,7 +316,7 @@ public Integer quickConsultDoctorDataInsert(JsonObject quickConsultDoctorOBJ, St Integer investigationSuccessFlag = null; Integer vitalsRBSTestFlag=null; Long referSaveSuccessFlag = null; - final String Doctor_Signature = "doctorSignatureFlag"; + boolean doctorSignature = quickConsultDoctorOBJ.has("doctorSignatureFlag"); TeleconsultationRequestOBJ tcRequestOBJ = null; @@ -342,8 +342,8 @@ public Integer quickConsultDoctorDataInsert(JsonObject quickConsultDoctorOBJ, St isMedicinePrescribed = true; Boolean doctorSignatureFlag = false; - if (quickConsultDoctorOBJ.has(Doctor_Signature) && !quickConsultDoctorOBJ.get(Doctor_Signature).isJsonNull()) { - doctorSignatureFlag = quickConsultDoctorOBJ.get(Doctor_Signature).getAsBoolean(); + if (doctorSignature) { + doctorSignatureFlag = doctorSignature; } // save prescribed medicine From 61f77387ed9ce9c030c8ac3514858312b81a6fda Mon Sep 17 00:00:00 2001 
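Review bot: A request carrying `"doctorSignatureFlag": null` now reaches `getAsBoolean()` on a JSON null in savePNCDoctorData, because the rewritten condition `if (doctorSignature)` no longer includes the `isJsonNull()` check that the removed line had; Gson throws UnsupportedOperationException for that call. Restoring the check keeps the old behaviour of leaving the flag false: `if (doctorSignature && !requestOBJ.get("doctorSignatureFlag").isJsonNull()) {`. This file is also the only one in the patch that still reads the value rather than using key presence, so the nine services no longer agree on what the flag means. savePNCDoctorData continues outside the hunk.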
From: SnehaRH Date: Fri, 5 Dec 2025 13:14:30 +0530 Subject: [PATCH 28/39] fix: Added proper space in the string --- .../tm/service/common/transaction/CommonNurseServiceImpl.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index e865bc86..0dd8f62e 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java @@ -2883,7 +2883,7 @@ public Integer saveBenPrescribedDrugsList(List prescribedD private int calculateQtyPrescribed(String form, String dose, String frequency, String duration, String durationUnit) { int qtyPrescribed = 0; - + logger.info("Frequecy", frequency); if (form != null && dose != null && frequency != null && duration != null && durationUnit != null) { double qtyInOneDay = getQtyForOneDay(form, dose, frequency); @@ -3004,7 +3004,7 @@ private double getQtyForOneDay(String form, String dose, String frequency) { } } else { if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| - frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { + frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = .5; From cb2b837d78795cd32716e1a6ab24775fb7cea792 Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Fri, 5 Dec 2025 13:59:57 +0530 Subject: [PATCH 29/39] fix: Added proper space in the string --- .../tm/service/common/transaction/CommonNurseServiceImpl.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
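Review bot: The added `logger.info("Frequecy", frequency);` in calculateQtyPrescribed has no `{}` placeholder, so with an SLF4J-style logger the frequency value is never written and only the misspelled label reaches the log. If the line is meant to stay, `logger.debug("Frequency: {}", frequency);` does what was intended; if it was a debugging aid, it should be dropped, since the commit subject describes a whitespace fix only. The logger type for this class is not visible in the hunk, and the method continues outside it.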
diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index 0dd8f62e..6c368268 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java @@ -3004,7 +3004,7 @@ private double getQtyForOneDay(String form, String dose, String frequency) { } } else { if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| - frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { + frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { if (form.equalsIgnoreCase("Tablet")) { if (dose.equalsIgnoreCase("Half Tab")) { qtyInOneDay = .5; From 872730cc57ba000c4ec30c2bbbc8af631d8a0ded Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Fri, 5 Dec 2025 14:23:23 +0530 Subject: [PATCH 30/39] fix: Added condition for the single dose after and before food --- .../transaction/CommonNurseServiceImpl.java | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index 6c368268..dc141fcb 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java 
@@ -2883,17 +2883,22 @@ public Integer saveBenPrescribedDrugsList(List prescribedD private int calculateQtyPrescribed(String form, String dose, String frequency, String duration, String durationUnit) { int qtyPrescribed = 0; - logger.info("Frequecy", frequency); + logger.info("Frequecy", frequency); if (form != null && dose != null && frequency != null && duration != null && durationUnit != null) { double qtyInOneDay = getQtyForOneDay(form, dose, frequency); - if (durationUnit.equalsIgnoreCase("Day(s)")) - qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * qtyInOneDay); - else if (durationUnit.equalsIgnoreCase("Week(s)")) - qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 7 * qtyInOneDay); - else if (durationUnit.equalsIgnoreCase("Month(s)")) - qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 30 * qtyInOneDay); - + if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| + frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { + qtyPrescribed = (int) Math.ceil(qtyInOneDay); + } else { + if (durationUnit.equalsIgnoreCase("Day(s)")) + qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * qtyInOneDay); + else if (durationUnit.equalsIgnoreCase("Week(s)")) + qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 7 * qtyInOneDay); + else if (durationUnit.equalsIgnoreCase("Month(s)")) + qtyPrescribed = (int) Math.ceil(Integer.parseInt(duration) * 30 * qtyInOneDay); + } + } return qtyPrescribed; From 902b0a8fd8237d8750a81cbda845645a1a9c96c1 Mon Sep 17 00:00:00 2001 From: SnehaRH Date: Fri, 5 Dec 2025 15:17:56 +0530 Subject: [PATCH 31/39] fix: reverting the code which I made for single dose after and before --- .../tm/service/common/transaction/CommonNurseServiceImpl.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
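Review bot: The single-dose test in calculateQtyPrescribed is a second copy of the four-way `equalsIgnoreCase` chain already present in getQtyForOneDay, so the two lists can drift apart when one of them is edited. A small private helper used by both methods, for example `private static boolean isSingleDose(String frequency)`, would keep them in step. Separately, the re-indented `Integer.parseInt(duration)` calls still throw NumberFormatException on a non-numeric duration, and an unrecognised durationUnit silently yields 0; whether callers validate these values first is not visible here.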
diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java index dc141fcb..9c651ba5 100644 --- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java +++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java @@ -2887,8 +2887,7 @@ private int calculateQtyPrescribed(String form, String dose, String frequency, S if (form != null && dose != null && frequency != null && duration != null && durationUnit != null) { double qtyInOneDay = getQtyForOneDay(form, dose, frequency); - if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")|| - frequency.equalsIgnoreCase("Single Dose Before Food") || frequency.equalsIgnoreCase("Single Dose After Food")) { + if (frequency.equalsIgnoreCase("Single Dose") || frequency.equalsIgnoreCase("Stat Dose")) { qtyPrescribed = (int) Math.ceil(qtyInOneDay); } else { if (durationUnit.equalsIgnoreCase("Day(s)")) From 55415fad3df1a1fd6625ce94fe9c347e71f7f6c6 Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Thu, 11 Dec 2025 15:44:54 +0530 Subject: [PATCH 32/39] fix role issue in register api --- .../iemr/tm/controller/registrar/main/RegistrarController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java b/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java index 2382edb9..5ddcf7ce 100644 --- a/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java +++ b/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java 
@@ -399,7 +399,7 @@ public String createBeneficiary( // beneficiary registration with common and identity new @Operation(summary = "Register a new beneficiary new API") @PostMapping(value = { "/registrarBeneficaryRegistrationNew" }) - @PreAuthorize("hasRole('NURSE') || hasRole('REGISTRAR')") + @PreAuthorize("hasRole('NURSE') || hasRole('REGISTRAR') || hasRole('ASHA')") public String registrarBeneficaryRegistrationNew(@RequestBody String comingReq, @RequestHeader(value = "Authorization") String Authorization) { String s; From 64904e1fcd8be91c5da0bb5d1bdf9a7e6a677a7d Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Tue, 16 Dec 2025 17:52:23 +0530 Subject: [PATCH 33/39] attach logger --- src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java index 79708478..ef84104c 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java @@ -125,11 +125,13 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo return; } } else { + String userAgent = request.getHeader("User-Agent"); logger.info("User-Agent: " + userAgent); if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { try { + logger.info("TM-API_AUTH:"+authHeader); UserAgentContext.setUserAgent(userAgent); filterChain.doFilter(servletRequest, servletResponse); } finally { From 54cf26d7dee5b4f3607d449065129ec16cc1bae7 Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Tue, 16 Dec 2025 18:05:39 +0530 Subject: [PATCH 34/39] remove user agent --- src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
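Review bot: The added `logger.info("TM-API_AUTH:"+authHeader);` in JwtUserIdValidationFilter.doFilter writes the full Authorization header value to the application log at INFO level, so the credential becomes readable to anyone with access to the logs or to whatever aggregates them. Remove the line, or record only that a header was present, e.g. `logger.debug("Authorization header present: {}", authHeader != null);`. The neighbouring `logger.info("User-Agent: " + userAgent);` concatenates a client-controlled value into the message; passing it as a parameter and stripping CR/LF avoids forged log lines. The new log line is carried along as context in patches 34 and 35, and doFilter continues outside the hunk.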
diff --git a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java index ef84104c..4dd252db 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java @@ -129,7 +129,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo String userAgent = request.getHeader("User-Agent"); logger.info("User-Agent: " + userAgent); - if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { + if (authHeader != null) { try { logger.info("TM-API_AUTH:"+authHeader); UserAgentContext.setUserAgent(userAgent); From caecbae7cb5402c2a1223431b171234c5970d335 Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Tue, 16 Dec 2025 18:14:40 +0530 Subject: [PATCH 35/39] revert user agent --- src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java index 4dd252db..ef84104c 100644 --- a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java @@ -129,7 +129,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo String userAgent = request.getHeader("User-Agent"); logger.info("User-Agent: " + userAgent); - if (authHeader != null) { + if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { try { logger.info("TM-API_AUTH:"+authHeader); UserAgentContext.setUserAgent(userAgent); From 48cccadd8a2e318c86e1a1aad31de31bcc70f6ba Mon Sep 17 00:00:00 2001 
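Review bot: The restored condition `userAgent != null && isMobileClient(userAgent) && authHeader != null` selects this branch from two client-supplied headers, and the visible body then calls `filterChain.doFilter` without checking the Authorization value itself. If no later filter validates that header, the path is open to any caller that sends a mobile-looking User-Agent; the intermediate version in patch 34, `if (authHeader != null)`, was wider still. A comment naming the component that validates the token for this path, or an explicit validation call before `doFilter`, would make the trust decision reviewable. doFilter starts and ends outside the hunk, so the downstream handling should be confirmed.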
From: Saurav Mishra Date: Tue, 16 Dec 2025 18:37:44 +0530 Subject: [PATCH 36/39] update RestTemplateUtil --- .../com/iemr/tm/utils/RestTemplateUtil.java | 31 +++++++++++++++++++ .../com/iemr/tm/utils/http/HttpUtils.java | 7 +++++ 2 files changed, 38 insertions(+) diff --git a/src/main/java/com/iemr/tm/utils/RestTemplateUtil.java b/src/main/java/com/iemr/tm/utils/RestTemplateUtil.java index d14556a0..80690e78 100644 --- a/src/main/java/com/iemr/tm/utils/RestTemplateUtil.java +++ b/src/main/java/com/iemr/tm/utils/RestTemplateUtil.java @@ -50,4 +50,35 @@ public static HttpEntity createRequestEntity(Object body, String authori return new HttpEntity<>(body, headers); } + + private static String extractJwttoken(HttpServletRequest requestHeader) { + String jwtTokenFromCookie = null; + try { + jwtTokenFromCookie = CookieUtil.getJwtTokenFromCookie(requestHeader); + + } catch (Exception e) { + logger.error("Error while getting jwtToken from Cookie" + e.getMessage() ); + } + return jwtTokenFromCookie; + } + + public static void getJwttokenFromHeaders(HttpHeaders headers) { + ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder + .getRequestAttributes()); + if(servletRequestAttributes == null) { + return; + } + HttpServletRequest requestHeader = servletRequestAttributes.getRequest(); + String jwtTokenFromCookie = extractJwttoken(requestHeader); + headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8"); + if (null != UserAgentContext.getUserAgent()) { + headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent()); + } + if (null != jwtTokenFromCookie) { + headers.add(HttpHeaders.COOKIE, Constants.JWT_TOKEN+"="+jwtTokenFromCookie); + } else if (null != requestHeader.getHeader(Constants.JWT_TOKEN)) { + headers.add(Constants.JWT_TOKEN, requestHeader.getHeader(Constants.JWT_TOKEN)); + } + + } } \ No newline at end of file 
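Review bot: getJwttokenFromHeaders calls `headers.add(HttpHeaders.CONTENT_TYPE, ...)` unconditionally, so a caller that has already set Content-Type, as HttpUtils.get does in this same patch, ends up with two values for that header; `headers.set(HttpHeaders.CONTENT_TYPE, ...)` replaces instead of appending. In extractJwttoken, `logger.error("Error while getting jwtToken from Cookie" + e.getMessage())` discards the stack trace, and `logger.error("Error while getting jwtToken from Cookie", e)` keeps it. The method name reads like a getter although it returns nothing and mutates the passed headers; a short Javadoc stating that it copies the caller's JWT (cookie first, then the `Jwttoken` request header) and User-Agent onto an outbound request would document the intent.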
diff --git a/src/main/java/com/iemr/tm/utils/http/HttpUtils.java b/src/main/java/com/iemr/tm/utils/http/HttpUtils.java index bbb5a0df..a34ee887 100644 --- a/src/main/java/com/iemr/tm/utils/http/HttpUtils.java +++ b/src/main/java/com/iemr/tm/utils/http/HttpUtils.java @@ -28,6 +28,7 @@ import javax.ws.rs.core.MediaType; +import com.iemr.tm.utils.RestTemplateUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.http.HttpEntity; @@ -57,8 +58,13 @@ public HttpUtils() { } } + + public String get(String uri) { String body; + HttpHeaders localheaders = new HttpHeaders(); + localheaders.add("Content-Type", "application/json"); + RestTemplateUtil.getJwttokenFromHeaders(localheaders); HttpEntity requestEntity = new HttpEntity(headers); ResponseEntity responseEntity = rest.exchange(uri, HttpMethod.GET, requestEntity, String.class); setStatus((HttpStatus) responseEntity.getStatusCode()); @@ -66,6 +72,7 @@ public String get(String uri) { return body; } + public String get(String uri, HashMap header) { String body; HttpHeaders headers = new HttpHeaders(); From 4aada05ed63ffbd9112d42d73f5443853e6d200c Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Tue, 16 Dec 2025 18:41:40 +0530 Subject: [PATCH 37/39] add constant class --- src/main/java/com/iemr/tm/utils/Constants.java | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 src/main/java/com/iemr/tm/utils/Constants.java diff --git a/src/main/java/com/iemr/tm/utils/Constants.java b/src/main/java/com/iemr/tm/utils/Constants.java new file mode 100644 index 00000000..94a295fc --- /dev/null +++ b/src/main/java/com/iemr/tm/utils/Constants.java @@ -0,0 +1,9 @@ +package com.iemr.tm.utils; + +public class Constants { + public static final String JWT_TOKEN = "Jwttoken"; + public static final String USER_AGENT = "User-Agent"; + public static final String OKHTTP = "okhttp"; + + private Constants() {} +} From 4e626a5e0a9964c5fef774c8e173da69086e0ed8 Mon Sep 17 00:00:00 2001 
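Review bot: In `get(String uri)` the new `localheaders` object is populated by `RestTemplateUtil.getJwttokenFromHeaders(localheaders)` but never used, because the request is still built with `new HttpEntity(headers)`, which refers to the instance field; the JWT is therefore not sent. If forwarding is intended, the entity should be created from `localheaders`. Before wiring that up, confirm that `uri` only ever targets trusted internal services, since the caller's JWT would then be attached to every outbound GET made through this method. Content-Type is also added twice on this path, once here and once inside getJwttokenFromHeaders.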
From: Vanitha Date: Wed, 17 Dec 2025 15:47:33 +0530 Subject: [PATCH 38/39] fix: role based on both jwt and auth token --- .../common/main/WorklistController.java | 52 ++--- .../login/IemrMmuLoginController.java | 59 +++--- .../TeleConsultationController.java | 16 +- .../VideoConsultationController.java | 12 +- .../java/com/iemr/tm/utils/CookieUtil.java | 9 +- .../mapper/RoleAuthenticationFilter.java | 192 ++++++++++++------ 6 files changed, 219 insertions(+), 121 deletions(-) diff --git a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java index a5bf46a4..ad2c84c7 100644 --- a/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java +++ b/src/main/java/com/iemr/tm/controller/common/main/WorklistController.java @@ -35,21 +35,19 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; import com.iemr.tm.data.benFlowStatus.BeneficiaryFlowStatus; import com.iemr.tm.service.common.transaction.CommonDoctorServiceImpl; import com.iemr.tm.service.common.transaction.CommonNurseServiceImpl; import com.iemr.tm.service.common.transaction.CommonServiceImpl; -import com.iemr.tm.utils.CookieUtil; import com.iemr.tm.utils.JwtUtil; import com.iemr.tm.utils.mapper.InputMapper; import com.iemr.tm.utils.response.OutputResponse; +import org.springframework.security.core.Authentication; import io.lettuce.core.dynamic.annotation.Param; import io.swagger.v3.oas.annotations.Operation; -import jakarta.servlet.http.HttpServletRequest; @RestController @RequestMapping(value = "/common", headers = "Authorization", consumes = "application/json", produces = "application/json") 
@@ -711,18 +709,22 @@ public String getBeneficiaryCaseSheetHistory( @Operation(summary = "Get teleconsultation specialist worklist") @GetMapping(value = { "/getTCSpecialistWorklist/{providerServiceMapID}/{serviceID}" }) public String getTCSpecialistWorkListNew(@PathVariable("providerServiceMapID") Integer providerServiceMapID, - @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { + @PathVariable("serviceID") Integer serviceID, Authentication authentication) { OutputResponse response = new OutputResponse(); - try { - String jwtToken = CookieUtil.getJwtTokenFromCookie(request); - String userId = jwtUtil.getUserIdFromToken(jwtToken); - Integer userID=Integer.parseInt(userId); - if (providerServiceMapID != null && userId != null ) { + try { + if (authentication == null || !authentication.isAuthenticated()) { + response.setError(403, "Unauthorized access"); + return response.toString(); + } + + Integer userID = Integer.valueOf(authentication.getPrincipal().toString()); + + if (providerServiceMapID != null && userID != null ) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewForTM(providerServiceMapID, userID, serviceID); if (s != null) response.setResponse(s); - } else if(userId == null || jwtToken == null) { + } else if(userID == null ) { response.setError(403, "Unauthorized access!"); } else { logger.error("Invalid request"); 
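Review bot: `Integer.valueOf(authentication.getPrincipal().toString())` in getTCSpecialistWorkListNew assumes the principal is a numeric user-id string; under Spring Security's anonymous authentication `isAuthenticated()` is true and the principal is the string `anonymousUser`, which would throw NumberFormatException inside the `try` instead of producing the 403. How RoleAuthenticationFilter populates the principal is not visible in this hunk, so this needs confirming; rejecting `authentication instanceof AnonymousAuthenticationToken` in the first guard, or treating a parse failure as unauthorized, would close the gap. The `else if(userID == null )` branch is unreachable because `Integer.valueOf` never returns null. The getTCSpecialistWorkListNewPatientApp and getTCSpecialistWorklistFutureScheduled hunks of this file use the same principal parsing.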
@@ -742,20 +744,21 @@ public String getTCSpecialistWorkListNew(@PathVariable("providerServiceMapID") I "/getTCSpecialistWorklistPatientApp/{providerServiceMapID}/{serviceID}/{vanID}" }) public String getTCSpecialistWorkListNewPatientApp( @PathVariable("providerServiceMapID") Integer providerServiceMapID, - @PathVariable("serviceID") Integer serviceID, @PathVariable("vanID") Integer vanID, HttpServletRequest request) { + @PathVariable("serviceID") Integer serviceID, @PathVariable("vanID") Integer vanID, Authentication authentication) { OutputResponse response = new OutputResponse(); try { - String jwtToken = CookieUtil.getJwtTokenFromCookie(request); - String userId = jwtUtil.getUserIdFromToken(jwtToken); - Integer userID=Integer.parseInt(userId); + if (authentication == null || !authentication.isAuthenticated()) { + response.setError(403, "Unauthorized access"); + return response.toString(); + } + + Integer userID = Integer.valueOf(authentication.getPrincipal().toString()); if (providerServiceMapID != null && userID != null) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewForTMPatientApp(providerServiceMapID, userID, serviceID, vanID); if (s != null) response.setResponse(s); - } else if(userId == null || jwtToken == null) { - response.setError(403, "Unauthorized access!"); - } else { + } else { logger.error("Invalid request"); response.setError(5000, "Invalid request"); } 
@@ -773,21 +776,22 @@ public String getTCSpecialistWorkListNewPatientApp( "/getTCSpecialistWorklistFutureScheduled/{providerServiceMapID}/{serviceID}" }) public String getTCSpecialistWorklistFutureScheduled( @PathVariable("providerServiceMapID") Integer providerServiceMapID, - @PathVariable("serviceID") Integer serviceID, HttpServletRequest request) { + @PathVariable("serviceID") Integer serviceID, Authentication authentication) { OutputResponse response = new OutputResponse(); try { - String jwtToken = CookieUtil.getJwtTokenFromCookie(request); - String userId = jwtUtil.getUserIdFromToken(jwtToken); - Integer userID=Integer.parseInt(userId); + if (authentication == null || !authentication.isAuthenticated()) { + response.setError(403, "Unauthorized access"); + return response.toString(); + } + + Integer userID = Integer.valueOf(authentication.getPrincipal().toString()); if (providerServiceMapID != null && userID != null ) { String s = commonDoctorServiceImpl.getTCSpecialistWorkListNewFutureScheduledForTM(providerServiceMapID, userID, serviceID); if (s != null) response.setResponse(s); - } else if(userId == null || jwtToken == null) { - response.setError(403, "Unauthorized access!"); - } else { + } else { logger.error("Invalid request"); response.setError(5000, "Invalid request"); } diff --git a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java index 0f11a27a..eb64b2c5 100644 --- a/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java +++ b/src/main/java/com/iemr/tm/controller/login/IemrMmuLoginController.java 
@@ -36,17 +36,17 @@ import com.iemr.tm.controller.registrar.main.RegistrarController; import com.iemr.tm.service.login.IemrMmuLoginServiceImpl; -import com.iemr.tm.utils.CookieUtil; import com.iemr.tm.utils.JwtUtil; import com.iemr.tm.utils.mapper.InputMapper; import com.iemr.tm.utils.response.OutputResponse; +import org.springframework.security.core.Authentication; import io.swagger.v3.oas.annotations.Operation; import jakarta.servlet.http.HttpServletRequest; @RestController @RequestMapping(value = "/user", headers = "Authorization", consumes = "application/json", produces = "application/json") -@PreAuthorize("hasRole('NURSE') || hasRole('PHARMACIST') || hasRole('LABTECHNICIAN') || hasRole('REGISTRAR') || hasRole('DATASYNC') || hasRole('DATA_SYNC') || hasRole('DOCTOR') || hasRole('LAB_TECHNICIAN') || hasRole('TC_SPECIALIST') || hasRole('ONCOLOGIST') || hasRole('RADIOLOGIST')") +@PreAuthorize("hasRole('NURSE') || hasRole('PHARMACIST') || hasRole('LABTECHNICIAN') || hasRole('REGISTRAR') || hasRole('DATASYNC') || hasRole('DATA_SYNC') || hasRole('DOCTOR') || hasRole('LAB_TECHNICIAN') || hasRole('TC_SPECIALIST') || hasRole('ONCOLOGIST') || hasRole('RADIOLOGIST') || hasRole('ASHA')") public class IemrMmuLoginController { private Logger logger = LoggerFactory.getLogger(RegistrarController.class); 
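Review bot: Adding `hasRole('ASHA')` to the class-level `@PreAuthorize` grants that role every handler in `IemrMmuLoginController`, including the ones this hunk does not show; if ASHA users need only some of these endpoints, a method-level annotation on those handlers would be the narrower grant. The expression would also be easier to audit as a single `hasAnyRole(...)` call listing the same role names instead of a growing `||` chain. The later RegistrarController hunk extends a method-level list in the same style.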
@@ -66,17 +66,21 @@ public void setIemrMmuLoginServiceImpl(IemrMmuLoginServiceImpl iemrMmuLoginServi @Operation(summary = "Get user service point van details") @PostMapping(value = "/getUserServicePointVanDetails", produces = { "application/json" }) - public String getUserServicePointVanDetails(@RequestBody String comingRequest, HttpServletRequest request) { + public String getUserServicePointVanDetails(@RequestBody String comingRequest, Authentication authentication) { OutputResponse response = new OutputResponse(); try { - String jwtToken = CookieUtil.getJwtTokenFromCookie(request); - String userId = jwtUtil.getUserIdFromToken(jwtToken); - Integer userID=Integer.parseInt(userId); + if (authentication == null || !authentication.isAuthenticated()) { + response.setError(403, "Unauthorized access"); + return response.toString(); + } + + Integer userID = Integer.valueOf(authentication.getPrincipal().toString()); + JSONObject obj = new JSONObject(comingRequest); logger.info("getUserServicePointVanDetails request " + comingRequest); - if (userId == null || jwtToken ==null) { + if (userID == null) { response.setError(403, "Unauthorized access: Missing or invalid token"); return response.toString(); } 
@@ -114,30 +118,31 @@ public String getServicepointVillages(@RequestBody String comingRequest) { @Operation(summary = "Get user service point van details") @PostMapping(value = "/getUserVanSpDetails", produces = { "application/json" }) - public String getUserVanSpDetails(@RequestBody String comingRequest, HttpServletRequest request) { + public String getUserVanSpDetails(@RequestBody String comingRequest, Authentication authentication) { OutputResponse response = new OutputResponse(); try { - String jwtToken = CookieUtil.getJwtTokenFromCookie(request); - String userId = jwtUtil.getUserIdFromToken(jwtToken); - Integer userID=Integer.parseInt(userId); + if (authentication == null || !authentication.isAuthenticated()) { + response.setError(403, "Unauthorized access"); + return response.toString(); + } - JSONObject obj = new JSONObject(comingRequest); - logger.info("getServicepointVillages request " + comingRequest); - - if (userId !=null && obj.has("providerServiceMapID")) { - String responseData = iemrMmuLoginServiceImpl.getUserVanSpDetails(userID, - obj.getInt("providerServiceMapID")); - response.setResponse(responseData); - } else if(userId == null || jwtToken ==null) { - response.setError(403, "Unauthorized access : Missing or invalid token"); - } else { - response.setError(5000, "Invalid request"); - } - } catch (Exception e) { - response.setError(5000, "Error while getting van and service points data"); - logger.error("getUserVanSpDetails failed with " + e.getMessage(), e); + Integer userID = Integer.valueOf(authentication.getPrincipal().toString()); - } + JSONObject obj = new JSONObject(comingRequest); + logger.info("getUserVanSpDetails request {}", comingRequest); + + if (obj.has("providerServiceMapID")) { + String responseData = iemrMmuLoginServiceImpl.getUserVanSpDetails(userID, obj.getInt("providerServiceMapID")); + + response.setResponse(responseData); + } else { + response.setError(400, "Invalid request"); + } + + } catch (Exception e) { + 
response.setError(400, "Error while getting van and service points data"); + logger.error("getUserVanSpDetails failed", e); + } logger.info("getUserVanSpDetails response " + response.toString()); return response.toString(); } diff --git a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java index 91a1114e..316a5e1a 100644 --- a/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java +++ b/src/main/java/com/iemr/tm/controller/teleconsultation/TeleConsultationController.java @@ -25,13 +25,16 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.security.core.Authentication; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; + import jakarta.servlet.http.HttpServletRequest; + import com.iemr.tm.utils.CookieUtil; import com.iemr.tm.utils.JwtUtil; 
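Review bot: The rewritten catch block in getUserVanSpDetails now reports every exception as 400, so a failure inside `iemrMmuLoginServiceImpl.getUserVanSpDetails` reaches the client as a bad request, while the invalid-request branches of the other handlers in this diff still use 5000. If `JSONObject` here is the org.json class, the malformed-body case can be separated with `catch (JSONException e) { response.setError(400, "Invalid request"); }` placed before the general catch, which would then keep the previous 5000 code. The new `logger.info("getUserVanSpDetails request {}", comingRequest)` writes the whole request body at info level; logging only `providerServiceMapID` would be enough for tracing.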
@@ -145,19 +148,22 @@ public String createTCRequestForBeneficiary(@RequestBody String requestOBJ, @Req // TC request List @Operation(summary = "Get teleconsultation request list for a specialist") @PostMapping(value = { "/getTCRequestList" }) - public String getTCSpecialistWorkListNew(@RequestBody String requestOBJ, HttpServletRequest request) { + public String getTCSpecialistWorkListNew(@RequestBody String requestOBJ, Authentication authentication) { OutputResponse response = new OutputResponse(); try { - String jwtToken = CookieUtil.getJwtTokenFromCookie(request); - String userId = jwtUtil.getUserIdFromToken(jwtToken); - Integer userID=Integer.parseInt(userId); + if (authentication == null || !authentication.isAuthenticated()) { + response.setError(403, "Unauthorized access"); + return response.toString(); + } + + Integer userID = Integer.valueOf(authentication.getPrincipal().toString()); if (requestOBJ != null) { JsonObject jsnOBJ = new JsonObject(); JsonParser jsnParser = new JsonParser(); JsonElement jsnElmnt = jsnParser.parse(requestOBJ); jsnOBJ = jsnElmnt.getAsJsonObject(); - if (userId != null) { + if (userID != null) { String s = teleConsultationServiceImpl.getTCRequestListBySpecialistIdAndDate( jsnOBJ.get("psmID").getAsInt(), userID, jsnOBJ.get("date").getAsString()); diff --git a/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java b/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java index 90243696..5fc51fa2 100644 --- a/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java +++ b/src/main/java/com/iemr/tm/controller/videoconsultationcontroller/VideoConsultationController.java 
@@ -24,6 +24,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.Authentication; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -32,7 +33,9 @@ import com.iemr.tm.service.videoconsultation.VideoConsultationService; import com.iemr.tm.utils.response.OutputResponse; + import jakarta.servlet.http.HttpServletRequest; + import com.iemr.tm.utils.CookieUtil; import com.iemr.tm.utils.JwtUtil; @@ -53,13 +56,16 @@ public class VideoConsultationController { @Operation(summary = "Login to video consultation service") @GetMapping(value = "/login/{userID}", headers = "Authorization", produces = { "application/json" }) - public String login(@PathVariable("userID") Long userID, HttpServletRequest request) { + public String login(@PathVariable("userID") Long userID, Authentication authentication) { OutputResponse response = new OutputResponse(); try { - String jwtToken = CookieUtil.getJwtTokenFromCookie(request); - String userId = jwtUtil.getUserIdFromToken(jwtToken); + if (authentication == null || !authentication.isAuthenticated()) { + response.setError(403, "Unauthorized access"); + return response.toString(); + } + String userId = authentication.getPrincipal().toString(); if(userID.toString().equals(userId)) { String createdData = videoConsultationService.login(userID); diff --git a/src/main/java/com/iemr/tm/utils/CookieUtil.java b/src/main/java/com/iemr/tm/utils/CookieUtil.java index b20d6256..1faea949 100644 --- a/src/main/java/com/iemr/tm/utils/CookieUtil.java +++ b/src/main/java/com/iemr/tm/utils/CookieUtil.java 
@@ -12,7 +12,7 @@ @Service public class CookieUtil { - public Optional getCookieValue(HttpServletRequest request, String cookieName) { + public static Optional getCookieValue(HttpServletRequest request, String cookieName) { Cookie[] cookies = request.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { @@ -36,4 +36,11 @@ public static String getJwtTokenFromCookie(HttpServletRequest request) { .findFirst() .orElse(null); } + + /** + * Get auth token from cookies (for legacy support) + */ + public static String getAuthTokenFromCookie(HttpServletRequest request) { + return getCookieValue(request, "Authorization").orElse(null); + } } diff --git a/src/main/java/com/iemr/tm/utils/mapper/RoleAuthenticationFilter.java b/src/main/java/com/iemr/tm/utils/mapper/RoleAuthenticationFilter.java index 68effd1d..168f684c 100644 --- a/src/main/java/com/iemr/tm/utils/mapper/RoleAuthenticationFilter.java +++ b/src/main/java/com/iemr/tm/utils/mapper/RoleAuthenticationFilter.java @@ -4,6 +4,9 @@ import java.util.Objects; import java.util.stream.Collectors; +import org.json.JSONObject; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.GrantedAuthority; 
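Review bot: `getAuthTokenFromCookie` has no caller in the visible part of this series: `RoleAuthenticationFilter.resolveAuthToken` repeats the same expression inline, `CookieUtil.getCookieValue(request, "Authorization").orElse(null)`. Either the filter should call the helper or the helper should be dropped, so there is one place that names the legacy cookie. The Javadoc could also state the contract, for example `/** Returns the value of the "Authorization" cookie, or null when the cookie is absent. */`.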
@@ -12,24 +15,24 @@ import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; -import com.iemr.tm.service.common.master.CommonMasterServiceImpl; import com.iemr.tm.utils.CookieUtil; import com.iemr.tm.utils.JwtAuthenticationUtil; import com.iemr.tm.utils.JwtUtil; import com.iemr.tm.utils.redis.RedisStorage; import io.jsonwebtoken.Claims; -import io.jsonwebtoken.io.IOException; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; -import jakarta.servlet.http.Cookie; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; @Component public class RoleAuthenticationFilter extends OncePerRequestFilter { - - @Autowired + + private static final Logger logger + = LoggerFactory.getLogger(RoleAuthenticationFilter.class); + + @Autowired private JwtUtil jwtUtil; @Autowired 
@@ -38,59 +41,126 @@ public class RoleAuthenticationFilter extends OncePerRequestFilter { @Autowired private JwtAuthenticationUtil userService; - @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) - throws ServletException, IOException, java.io.IOException { - List authRoles = null; - try { - String jwtFromCookie = CookieUtil.getJwtTokenFromCookie(request); - String jwtFromHeader = request.getHeader("Jwttoken"); - - String jwtToken = jwtFromCookie != null ? jwtFromCookie : jwtFromHeader; - if(null == jwtToken || jwtToken.trim().isEmpty()) { - filterChain.doFilter(request, response); - return; - } - Claims claims = jwtUtil.validateToken(jwtToken); - if(null == claims) { - filterChain.doFilter(request, response); - return; - } - Object userIdObj = claims.get("userId"); - String userId = userIdObj != null ? userIdObj.toString() : null; - if (null == userId || userId.trim().isEmpty()) { - filterChain.doFilter(request, response); - return; - } - Long userIdLong; - try { - userIdLong=Long.valueOf(userId); - }catch (NumberFormatException ex) { - filterChain.doFilter(request, response); - return; - } - authRoles = redisService.getUserRoleFromCache(userIdLong); - if (authRoles == null || authRoles.isEmpty()) { - List roles = userService.getUserRoles(userIdLong); // assuming this returns multiple roles - authRoles = roles.stream() - .filter(Objects::nonNull) - .map(String::trim) - .map(role -> "ROLE_" + role.toUpperCase().replace(" ", "_")) - .collect(Collectors.toList()); - redisService.cacheUserRoles(userIdLong, authRoles); - } - - List authorities = authRoles.stream() - .map(SimpleGrantedAuthority::new) - .collect(Collectors.toList()); - - UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(userId, null, authorities); - SecurityContextHolder.getContext().setAuthentication(auth); - } catch (Exception e) { - SecurityContextHolder.clearContext(); - } finally { - 
filterChain.doFilter(request, response); - } - - } -} \ No newline at end of file + @Override + protected void doFilterInternal(HttpServletRequest request, + HttpServletResponse response, + FilterChain filterChain) + throws ServletException, java.io.IOException { + + try { + Long userId = null; + + /* ======================= + * TRY JWT TOKEN FIRST + * ======================= */ + String jwtToken + = CookieUtil.getJwtTokenFromCookie(request) != null + ? CookieUtil.getJwtTokenFromCookie(request) + : request.getHeader("Jwttoken"); + + if (jwtToken != null && !jwtToken.isBlank()) { + Claims claims = jwtUtil.validateToken(jwtToken); + if (claims != null && claims.get("userId") != null) { + userId = Long.valueOf(claims.get("userId").toString()); + logger.info("UserId resolved from JWT: {}", userId); + } + } + + /* ================================= + * FALLBACK → LEGACY AUTH + REDIS + * ================================= */ + if (userId == null) { + String authToken = resolveAuthToken(request); + logger.info("Resolved authToken: {}", authToken); + + if (authToken != null && !authToken.isBlank()) { + String sessionJson = null; + try { + sessionJson = redisService.getObject(authToken, true, 100000); + } catch (Exception ex) { + logger.warn("No Redis session found for authToken: {}", authToken); + filterChain.doFilter(request, response); + return; + } + + if (sessionJson != null && !sessionJson.isBlank()) { + JSONObject json = new JSONObject(sessionJson); + + if (json.has("userID")) { + userId = json.getLong("userID"); + logger.info("UserId resolved from Redis: {}", userId); + } + } + } + } + + /* ======================= + * NO USER → SKIP + * ======================= */ + if (userId == null) { + logger.debug("No userId resolved, skipping authentication"); + filterChain.doFilter(request, response); + return; + } + + /* ======================= + * LOAD USER ROLES + * ======================= */ + List authRoles + = redisService.getUserRoleFromCache(userId); + + if (authRoles == 
null || authRoles.isEmpty()) { + authRoles = userService.getUserRoles(userId) + .stream() + .filter(Objects::nonNull) + .map(String::trim) + .map(r -> "ROLE_" + r.toUpperCase().replace(" ", "_")) + .collect(Collectors.toList()); + + redisService.cacheUserRoles(userId, authRoles); + } + + /* ======================= + * SET SECURITY CONTEXT + * ======================= */ + List authorities = authRoles.stream() + .map(SimpleGrantedAuthority::new) + .collect(Collectors.toList()); + + UsernamePasswordAuthenticationToken authentication + = new UsernamePasswordAuthenticationToken( + userId, null, authorities); + + SecurityContextHolder.getContext() + .setAuthentication(authentication); + + logger.info("Authentication set for userId {}", userId); + + } catch (Exception e) { + logger.error("Authentication error", e); + SecurityContextHolder.clearContext(); + } + + filterChain.doFilter(request, response); + } + + /* ======================= + * AUTH TOKEN RESOLVER + * ======================= */ + private String resolveAuthToken(HttpServletRequest request) { + + String token = request.getHeader("Authorization"); + + if (token == null || token.isBlank()) { + token = request.getHeader("AuthToken"); + } + if (token == null || token.isBlank()) { + token = request.getHeader("X-Auth-Token"); + } + if (token == null || token.isBlank()) { + token = CookieUtil.getCookieValue(request, "Authorization") + .orElse(null); + } + return token; + } +} From 7929c7955bf1bf5eb1b83faaf5028fb4ed7186be Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Wed, 17 Dec 2025 15:59:40 +0530 Subject: [PATCH 39/39] add role in register api --- .../iemr/tm/controller/registrar/main/RegistrarController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java b/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java index 2382edb9..5ddcf7ce 100644 
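Review bot: The legacy fallback in doFilterInternal writes the raw session token to the log twice, in `logger.info("Resolved authToken: {}", authToken)` and in `logger.warn("No Redis session found for authToken: {}", authToken)`, so anyone with log access can read a credential that this same filter accepts for authentication. Log only whether a token was present, e.g. `logger.debug("Legacy auth token present: {}", authToken != null)` and `logger.warn("Redis session lookup failed", ex)`. The second form also keeps the exception, which the current catch drops while reporting every lookup failure, connectivity included, as a missing session. The per-request `logger.info` lines that carry the user id would be quieter at debug level.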
--- a/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java +++ b/src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java @@ -399,7 +399,7 @@ public String createBeneficiary( // beneficiary registration with common and identity new @Operation(summary = "Register a new beneficiary new API") @PostMapping(value = { "/registrarBeneficaryRegistrationNew" }) - @PreAuthorize("hasRole('NURSE') || hasRole('REGISTRAR')") + @PreAuthorize("hasRole('NURSE') || hasRole('REGISTRAR') || hasRole('ASHA')") public String registrarBeneficaryRegistrationNew(@RequestBody String comingReq, @RequestHeader(value = "Authorization") String Authorization) { String s;